Web Security Blog

How to run a vulnerability scan

Tue, 15 Apr 2025

Vulnerability scanning helps uncover security weaknesses before attackers can exploit them, especially in web applications and APIs. This guide explains how to effectively scope, execute, and analyze scans—highlighting why testing with DAST offers the most reliable path to identifying real, exploitable issues.

Read more

Polyfill supply chain attack: What to do when your CDN goes evil

Thu, 27 Jun 2024

How to prevent XSS attacks

Thu, 20 Jun 2024

Invicti Security

What the OWASP Top 10 for LLM applications tells us about generative AI security

Thu, 13 Jun 2024

Making sense of AppSec vs. DevSecOps

Thu, 06 Jun 2024

How bad is a missing Content-Type header?

Thu, 23 May 2024

Why Predictive Risk Scoring is the smart way to do AI in application security

Thu, 16 May 2024

How to choose the right application security tools

Fri, 10 May 2024

What is DevSecOps and how is it evolving?

Wed, 01 May 2024

AppSec prioritization goes proactive with AI-backed Predictive Risk Scoring

Tue, 23 Apr 2024

NIST CSF 2.0: The world’s favorite cybersecurity framework comes of age

Fri, 12 Apr 2024

The xz-utils backdoor: The supply chain RCE that got caught

Fri, 05 Apr 2024

Why DAST makes the perfect security posture gauge

Thu, 28 Mar 2024