Web Security Blog

The risks of doing vulnerability testing and management for compliance only

Wed, 28 May 2025

In this instalment of CISO’s Corner, we deal with the pitfalls of mistaking compliance for security and see how adopting a risk-based mindset helps you stay secure in the real world while still checking all the right boxes.

Read more

What is a cross-site scripting vulnerability?

Wed, 28 Jul 2021

Behind the jargon: False negatives in application security

Tue, 20 Jul 2021

Understanding session fixation attacks

Fri, 16 Jul 2021

Why DAST is the perfect fit for agile software projects

Tue, 13 Jul 2021

JSON Web Token attacks and vulnerabilities

Fri, 02 Jul 2021

Introduction to web cache poisoning

Fri, 25 Jun 2021

What Biden’s executive order on cybersecurity means for web application security

Fri, 04 Jun 2021

Do you have a web application security program or are you merely testing?

Fri, 28 May 2021

Agile DevOps, waterfall AppSec

Fri, 14 May 2021

How Invicti helps security keep up with development

Fri, 07 May 2021

Are you integrating application security testing into development? Analysts say you should

Wed, 05 May 2021

Understanding the most common JavaScript vulnerabilities

Fri, 30 Apr 2021