ASPM vendors: Things to look for in an ASPM solution

Tue, 01 Jul 2025

Not all ASPM vendors are alike—some merely aggregate data from external tools, while others build posture management into robust testing platforms. This article explores what meaningful ASPM should look like and why a DAST-first foundation is key to cutting through noise and improving real security outcomes.

Netsparker’s Web Security Scan Statistics for 2018

Thu, 25 Oct 2018

The Dangers of Open Git Folders

Thu, 18 Oct 2018

NoScript Vulnerability in Tor Browser

Thu, 11 Oct 2018

Sven Morgenroth Talks About PHP Type Juggling on Paul’s Security Weekly Podcast

Tue, 18 Sep 2018

Vulnerability Assessments and Penetration Tests – What’s the Difference?

Thu, 06 Sep 2018

Final Nail in the Coffin of HTTP: Chrome 68 and SSL/TLS Implementation

Thu, 30 Aug 2018

PHP Type Juggling Exploit: Vulnerability, Payloads, and Fixes

Wed, 22 Aug 2018

Leverage Browser Security Features to Secure Your Website

Tue, 14 Aug 2018

What the Reddit Hack Teaches Us About Web Security

Tue, 14 Aug 2018

State of Security for Open Source Web Applications 2018

Thu, 09 Aug 2018

Exploiting a Microsoft Edge Vulnerability to Steal Files

Wed, 01 Aug 2018

This blog post documents our Security Researcher Ziyahan Albeniz’s experiment in exploiting a Microsoft Edge browser vulnerability. He explains how a combination of SOP, the ability to email clickable links and a vulnerability in both the Windows Mail and Calendar applications actually enable the exploit. It includes his Proof of Exploit video.