10 common developer misconceptions about web application security
Where it all begins: The troubled relationship between software innovation and security Software development is all about making things work and creating new functionality that solves problems and...
View ArticleChannel 4 optimizes cybersecurity and boosts efficiency after partnering with...
Projects can be managed on time and on budget, allowing Channel 4 to reduce their spend by nearly 80%, according to Channel 4 CISO Brian Brackenborough. In a complex cyberthreat landscape,...
View ArticleIncorporating business logic to get the best out of DAST
Why business logic makes life difficult for (some) scanners Today’s web applications are nothing like the static websites of old – the code that your browser loads and manipulates at any given moment...
View ArticleCan you afford to cut back on web application security?
Perhaps you feel that security vendors are trying to sell you something by scaremongering. After all, the chances that your business is going to be the next breach victim like Capital One or Equifax...
View ArticleClik here to view.
Invicti Security Appoints Frank Catucci as Chief Technology Officer and Head...
AppSec expert will lead the Invicti research team and drive vision for application security advancement. AUSTIN, Texas – (September 14, 2022) – Invicti Security today announced Frank Catucci has...
View ArticleClik here to view.
Invicti Security and ESG Release New Report on How Companies are Shifting...
AUSTIN, Texas – (September 20, 2022) – Invicti Security, an application security leader for over 15 years, today released a new white paper: “Automated Application Security Testing for Faster...
View ArticleSecurity tool integration can make or break secure development – ESG report
Getting an application security testing tool and getting actual security improvements are two entirely different things. For its recent report Automated Application Security Testing for Faster...
View ArticleSo you think cross-site scripting isn’t a big deal?
Cross-site scripting (XSS) vulnerabilities have always been the most numerous class of web application security issues. They are easy to introduce but much harder to find and remediate, which...
View ArticleClik here to view.
September 2022 update for Invicti Enterprise On-Demand
We’re delighted to share the September 2022 update for Invicti Enterprise On-Demand. The highlights of this release are the improved Jira integration and a new reports option in the Jenkins...
View ArticleClik here to view.
How cybersecurity frameworks apply to web application security
A cybersecurity framework provides a formal and comprehensive set of guidelines to help organizations define their security policies, assess cybersecurity posture, and improve resilience....
View ArticleInvicti exhibiting at it-sa Expo and Congress 2022
We’re thrilled to be exhibiting at it-sa Expo and Congress for the first time, taking place on October 25th–27th 2022 in Nuremberg, Germany. This event is undoubtedly one of the largest in the...
View ArticleClik here to view.
Insecure coding workshop: Analyzing GitHub Copilot suggestions
Since it was introduced, GitHub Copilot has already saved developers thousands of hours by providing AI-powered code suggestions. Copilot suggestions are definitely useful, but they were never...
View ArticleClik here to view.
October 2022 update for Invicti Enterprise on-premises
We’re delighted to announce the release of Invicti Enterprise On-Premises 2.4. The new release rolls together a wide range of updates and improvements, most notably the Business Logic Recorder, Azure...
View ArticleLet’s stop the noise around false positives
In cybersecurity, we’re obsessed with false positives, whether we’re identifying or avoiding them. As with so much industry jargon, the term is wearing thin, to the point that vendor claims of lower...
View ArticleState and Local Cybersecurity Grant Program requirements are here, and...
In May of 2021, the Biden Administration issued its Executive Order on Cybersecurity and began the process of guiding agencies toward improving their security posture. Since then, the government has...
View ArticleClik here to view.
Invicti Security Gains Momentum; Delivers Zero Noise Approach to AppSec
On the heels of Log4Shell and steady security incidents, it is critical that teams don’t get lost in the noisy landscape of Cybersecurity Awareness Month and instead focus on the ROI of AppSec...
View ArticleHTTP security headers: An easy way to harden your web applications
What are HTTP security headers? HTTP security headers are a subset of HTTP headers that is related specifically to security. They are exchanged between a client (usually a web browser) and a server to...
View ArticleGuide: Rethinking application security risk for federal agencies
Under pressure to comply with security mandates and make rapid improvements to their security posture, federal organizations are looking for solutions and approaches that combine broad visibility with...
View ArticleClik here to view.
New research finds 73% of organizations will increase AppSec investment in 2023
In difficult economic times with the increased risk of bad-actor threats, it’s critical that organizations prioritize investing in zero noise, modern AppSec solutions that demonstrate ROI with...
View ArticleVulnerabilities a routine part of web application releases, survey finds
Teaming up once again with Wakefield Research for the Fall 2022 edition of the Invicti AppSec Indicator, we’ve found that 74% of companies frequently or routinely release software that contains...
View Article