Web Security Blog

Broken access control: The leading OWASP Top 10 security risk

Fri, 28 Mar 2025

Application security flaws classified as broken access control weaknesses are the most impactful risk category in the OWASP Top 10. This article shows how attackers can exploit access control gaps, lists high-profile data breaches caused by such attacks, and gives best practices for preventing and mitigating broken access control vulnerabilities.

Read more

NIST CSF 2.0: The world’s favorite cybersecurity framework comes of age

Fri, 12 Apr 2024

The xz-utils backdoor: The supply chain RCE that got caught

Fri, 05 Apr 2024

Why DAST makes the perfect security posture gauge

Thu, 28 Mar 2024

Never trust an LLM: Prompt injections are here to stay

Thu, 14 Mar 2024

More than a box to tick: Meet the real DAST

Thu, 07 Mar 2024

Will autonomous hacking bots change cybersecurity forever?

Fri, 23 Feb 2024

How AI makes cybersecurity even more asymmetric

Fri, 16 Feb 2024

Customer feedback and continuous improvements: The perfect AppSec match

Fri, 09 Feb 2024

3 ways that security tool sprawl can hurt application security testing

Fri, 19 Jan 2024

About that vulnerability… Are you sure it’s fixed?

Fri, 12 Jan 2024

The HHS outlines vital new pillars of action for cybersecurity in healthcare

Thu, 04 Jan 2024

3 big reasons why 2024 will be a fierce and noisy year for cybersecurity

Fri, 22 Dec 2023