Antoine Carossio
Escape - Application Security & Offensive Security Blog

Everything I Learned About Harness Engineering and AI Factories in San Francisco (April 2026)

Everything I Learned About Harness Engineering and AI Factories in San Francisco (April 2026)

|
I spent the last week ... Read More
Escape - Application Security & Offensive Security Blog
Everything I Learned About Harness Engineering and AI Factories in San Francisco (April 2026)

Everything I Learned About Harness Engineering and AI Factories in San Francisco (April 2026)

|
I spent the last week ... Read More
Escape - Application Security & Offensive Security Blog
Introducing Multi-User Testing with Natural Language Queries in Escape DAST

Introducing Multi-User Testing with Natural Language Queries in Escape DAST

| | Application Security, Product Security, Product updates
Secure your multi-tenant SaaS applications with Escape DAST’s powerful multi-user testing and tenant isolation features ... Read More
Escape DAST - Application Security Blog
How AppSec Teams Are Adapting to AI: Real-World Insights from DoubleVerify, PandaDoc & More

Top Automated Pentesting Tools (2025)

| | pentesting
Explore the top automated pentesting tools of 2025. Learn how modern platforms detect business logic flaws, deliver true positives, and scale continuous security testing, so security teams can replace manual pentests with faster, more accurate coverage ... Read More
Escape DAST - Application Security Blog
How to Efficiently Implement DAST in CI/CD (2025 Guide)

How to Efficiently Implement DAST in CI/CD (2025 Guide)

|
Implement DAST in CI/CD to catch runtime vulnerabilities, reduce false positives, and secure modern apps without slowing down developers ... Read More
Escape DAST - Application Security Blog
The Paradox of Disabling GraphQL Introspection: Lessons from the Parse Server GraphQL API vulnerability

The Paradox of Disabling GraphQL Introspection: Lessons from the Parse Server GraphQL API vulnerability

| | graphql, GraphQL Introspection, GraphQL Security
Last week, the security community was alerted to a vulnerability in Parse Server GraphQL API, which allowed public access to the GraphQL schema without requiring a session token or the master key. It is now identified as CVE-2025-53364. So, the question comes up: Should we disable introspection entirely in production ... Read More
Escape DAST - Application Security Blog
We benchmarked DAST products, and this is what we learned

We benchmarked DAST products, and this is what we learned

| | API security, Application Security, DAST
In this article we benchmark Escape against other DAST tools. Focusing on VAmPI and DVGA, we compare results across different API types ... Read More
Escape - The API Security Blog
Lack of effective DAST tools⎥Aleksandr Krasnov (Meta, Thinkific, Dropbox)

DAST is dead, why Business Logic Security Testing takes center stage

| | API security, Application Security, DAST, shift left
DAST is dead, discover why business logic security testing takes center stage ... Read More
Escape - The API Security Blog
Is Gen AI your new AppSec weapon?

Escape’s proprietary business logic security testing algorithm: What makes it innovative

| | API security
In this article, we'll show how we created Escape's proprietary business logic security testing algorithm and what makes it innovative ... Read More
Escape - The API Security Blog
Introducing business logic security testing for REST APIs

Introducing business logic security testing for REST APIs

| | API security, AppSec, openapi, rest
REST API business logic security testing is available to all Escape users. Scan your REST endpoints and get your full vulnerability assessment ... Read More
Escape - The API Security Blog