ASPM vendors: Things to look for in an ASPM solution

Tue, 01 Jul 2025

Not all ASPM vendors are alike—some merely aggregate data from external tools, while others build posture management into robust testing platforms. This article explores what meaningful ASPM should look like and why a DAST-first foundation is key to cutting through noise and improving real security outcomes.

Path traversal in Java web applications – announcing the Invicti technical paper

Fri, 04 Nov 2022

OpenSSL 3.0.0–3.0.6 vulnerabilities: Less Heartbleed, more paper cut

Wed, 02 Nov 2022

Cybersecurity awareness is for life, not just for October

Mon, 31 Oct 2022

Vulnerabilities a routine part of web application releases, survey finds

Tue, 25 Oct 2022

Guide: Rethinking application security risk for federal agencies

Mon, 24 Oct 2022

Let’s stop the noise around false positives

Fri, 14 Oct 2022

Insecure coding workshop: Analyzing GitHub Copilot suggestions

Thu, 06 Oct 2022

How cybersecurity frameworks apply to web application security

Fri, 30 Sep 2022

So you think cross-site scripting isn’t a big deal?

Fri, 23 Sep 2022

Security tool integration can make or break secure development – ESG report

Wed, 21 Sep 2022

Can you afford to cut back on web application security?

Mon, 12 Sep 2022