OWASP API Top 10 for Dummies — Part #2
Welcome back to our blog series on the OWASP API Top 10! This is continued from Part I. If you haven’t read the first part, check it out…
Nov 27, 2022

Log4Shell — Simple Technical Explanation of the Exploit
Last week’s Log4Shell vulnerability is a dramatic example of how modern applications, interconnected services and pervasive APIs can…
Dec 17, 2021

31 Tips — Advanced Bug Bounty & Pentesting
To welcome Blackhat & Defcon conferences, we published a daily tip on Bug Bounty & AppSec during the month of July 2021.
Aug 23, 2021

Behind the Scenes of SAST — The Challenges of Code Scanning
I love the idea behind Static Application Security Testing (SAST) tools — they aim to create a utopian world clean from application…
Apr 19, 2021

Behind the Scenes of DAST — How do Security Scanners Work?
The idea behind Dynamic Applications Security Testing (DAST) is pretty clever — a tool that simulates a human penetration tester. With the…
Mar 16, 2021

Modern Application Security — Good and Bad News
This is the second article in a 2-part blog series. In the previous article, we talked about the major changes in application development…
Aug 26, 2020

Modern Application Security — What are Modern Applications?
Aug 26, 2020