What is ASPM, or application security posture management?

Tue, 17 Jun 2025

ASPM tools promise a unified view of application security by aggregating data from testing tools like DAST, SAST, and SCA—but they don’t generate insights on their own. This post breaks down how ASPM works, where it adds value, and how a DAST-first platform like Invicti can offer many of the same capabilities but with validated and actionable results from its own security testing.

Investigating CQL injection in Apache Cassandra

Fri, 02 Dec 2022

One year since Log4Shell, two since SolarWinds: What’s coming in 2023?

Wed, 23 Nov 2022

Which open-source vulnerability scanner is right for you?

Tue, 22 Nov 2022

Sleeping on your application security? The bots are always wide awake

Fri, 18 Nov 2022

DAST tools as force multipliers for human cybersecurity skills

Wed, 16 Nov 2022

Invicti’s automated DAST turns heads at it-sa Expo&Congress 2022

Thu, 10 Nov 2022

Path traversal in Java web applications – announcing the Invicti technical paper

Fri, 04 Nov 2022

OpenSSL 3.0.0–3.0.6 vulnerabilities: Less Heartbleed, more paper cut

Wed, 02 Nov 2022

Cybersecurity awareness is for life, not just for October

Mon, 31 Oct 2022