What is DevSecOps and how is it evolving?

DevSecOps has matured from a radical new approach to the cornerstone of practical application security. Integrating security checks and practices into DevOps processes has proved to be a necessity to keep up with rapid development. Modern security testing tools have also matured to where they can be embedded into agile workflows without hindering dev work.

An Easy to Use Web Application Security Scanner Means More Secure Web Applications

Most security software is very difficult to use hence businesses and organizations are failing to ensure the security of their IT assets. See how Netsparker is helping businesses ensure the long term security of their websites and web applications by developing an easy to use web application security scanner that also allows more automation.

Using Invicti To Comply With The OWASP Application Security Verification Standard When Developing Web Applications

The OWASP Application Security Verification Standard is a set of standards developed by OWASP to help developers write more secure code and web applications. This article explains how an automated web application security scanner such as Netsparker can help you comply with OWASP ASVS and develop more secure web applications.

Security Weekly Interviews Ferruh Mavituna about Web Application Security

In this interview with Security Weekly, Ferruh talks about web application security and explains how he got started, why Netsparker Enterprise is the ideal tool for large organizations who would like to ensure the security of all their web applications, explains how the false positive free vulnerability scanning technology works and much more.

Netsparker Enterprise or Netsparker Desktop?

Should you use the desktop edition of Netsparker or go for Netsparker Enterprise, the new online web application security scanner? This article talks about the scope of both products and explains in detail what they are to help you better understand both products and choose the best solution.

What Can You Learn from 87 Advisories About Web Application Vulnerabilities?

This article looks into the details of all the 87 advisories Netsparker published about SQL Injection, XSS and other vulnerabilities Netsparker Web Application Security Scanner identified in several open source web applications. It uses statistics to highlight the state of security of both open source and non open source web applications.

Passwords vs. Pass Phrases – Innovation and Evolution

This third and last password paper looks into new innovations and evolution of passwords and authentication mechanisms. It looks into what other options there are available should we opt for something more secure than passwords and pass phrases.

An automated scanner that finds all OWASP Top 10 security flaws? Really?

Shellshock Bash Remote Code Execution Vulnerability Explained and How to Detect It

The Shellshock Bash vulnerability allows an attacker to send operating system commands to the web server operating system, thus allowing the attacker to take over the server. This web security article explains what is the Shellshock vulnerability and how you can automatically check if your web environment is vulnerable to this critical vulnerability.

Ruby on Rails Security Basics

How Fast is Your Web vulnerability Scanner?

There are many different factors that can affect the duration of a complete web application security test. Learn what such factors are and learn how to evaluate your security tools to ensure your business gets the best return on investment when doing web application security tests.

URL Rewrite Rules and Web Vulnerability Scanners

URL Rewrite Rules have become extremely popular in web applications but many web vulnerability scanners fall short of automatically scan such websites. Read this article to learn more on why typical web vulnerability scanners are unable to scan websites which use URL rewrite rules and what Netsparker did to allow users to easily and automatically scan websites with URL rewrite technology enabled.