Web Security Blog

The risks of doing vulnerability testing and management for compliance only

Wed, 28 May 2025

In this instalment of CISO’s Corner, we deal with the pitfalls of mistaking compliance for security and see how adopting a risk-based mindset helps you stay secure in the real world while still checking all the right boxes.


Remote Code Evaluation (Execution) Vulnerability

Tue, 01 Nov 2016

This article explains what the Remote Code Evaluation (execution) vulnerability is and how attackers can exploit it. The article also explains what you should do as a developer to prevent this vulnerability.

Paul’s Security Weekly #483 – Netsparker CEO Talks on CSRF, WAFs, Selenium and CSP

Mon, 10 Oct 2016

Ferruh Mavituna, Netsparker’s CEO and founder, talks at length about web application security testing, the SQL Injection vulnerability and the security standard Content Security Policy (CSP) in the popular podcast Paul’s Security Weekly, episode number 483.

Exploiting a CSRF Vulnerability in MongoDB Rest API

Fri, 23 Sep 2016

This article explains how attackers can exploit a Cross-site Request Forgery (CSRF) vulnerability in the MongoDB REST API to extract data from the database of the vulnerable database management system.

CRLF injection, HTTP response splitting, and HTTP header injection vulnerabilities

Thu, 23 May 2019

What is a local file inclusion vulnerability?

Fri, 10 May 2019

SameSite Cookie Attribute: Preventing CSRF SameSite Exploits

Tue, 23 Aug 2016

This article looks into the details of how the Same-Site cookie attribute works and how it can be used to help prevent malicious cross-site request forgery (CSRF) attacks.

What is the command injection vulnerability?

Thu, 04 Jul 2019

Yandex Browser Vulnerability Allows Attackers to Steal Victim’s Browsing Data

Tue, 09 Aug 2016

This post explains how a malicious hacker can exploit a CSRF vulnerability in the Yandex browser that would allow them to get hold of the victim’s confidential browsing data, including bookmarks, browsing history and also saved usernames and passwords.

Web Application Security and the SDLC Discussed on the Virtualization and Cloud Security Podcast

Mon, 22 May 2017

Ferruh Mavituna, Netsparker’s CEO, talks about web application security automation and scalability with Edward Haletky in episode 17 of the Virtualization and Cloud Security Podcast.

Subresource Integrity (SRI) for Validating Web Resources Hosted on Third Party Services (CDNs)

Wed, 29 Jun 2016

This article explains what Subresource Integrity (SRI) is, how it works and how it helps web application developers ensure a more secure web environment, especially when hosting resources on third party servers and services such as Content Delivery Networks (CDNs).

Web Application Security Basics – Keeping All Your Software Up To Date

Mon, 22 May 2017

What can we learn from the Mossack Fonseca hack and the Panama Papers leak? This article highlights the repercussions of ignoring one of the most basic concepts of IT and web application security: not updating your software.

Security Weekly Talks About Web Application Security & Automation with Netsparker CEO

Mon, 22 May 2017

In this episode of Security Weekly, Netsparker CEO Ferruh Mavituna talks about automating and scaling up the process of web application security scanning.
