Let’s stop the noise around false positives

False positives in cybersecurity have gone from a precise technical term to a catch-all moniker for all undesirable results. This post cuts through the jargon to show that the wider challenge facing ...

Insecure coding workshop: Analyzing GitHub Copilot suggestions

AI-generated code suggestions from GitHub Copilot can be a huge timesaver – but what about security? Invicti security engineer Kadir Arslan examines Copilot suggestions and points out common vulnerabilities that you need ...

LayerX Platform Secures Browsers Using Machine Learning

LayerX this week emerged from stealth to launch a modern browser extension that leverages machine learning algorithms to ensure connections made to applications are secure. LayerX CEO Or Eshed said an approach ...
Security Boulevard

How cybersecurity frameworks apply to web application security

Cybersecurity frameworks are formalized sets of guidelines for defining cybersecurity policies. This post explains why they are so useful and how you can use the most popular NIST framework when building your ...

So you think cross-site scripting isn’t a big deal?

Far from being low-priority issues, cross-site scripting vulnerabilities in your websites and applications can directly put your users and customers at risk. This post goes through just one possible attack scenario to ...

Security tool integration can make or break secure development – ESG report

Application security tools are vital for secure development, but the way they are used makes all the difference. A research report prepared by ESG with Invicti underlines the importance of security tool ...

Can you afford to cut back on web application security?

Every data breach is costly, but it doesn’t take a sophisticated attacker to get your company into big trouble. Web application security is your first line of defense – and here’s why ...

Channel 4 optimizes cybersecurity and boosts efficiency after partnering with Invicti

Using Invicti for vulnerability scanning has allowed Channel 4 to improve security while also spending less on manual penetration testing. Invicti spoke to Channel 4 CISO Brian Brackenborough about the benefits of ...

10 common developer misconceptions about web application security

If you’re a web developer, you’re already familiar with many aspects of application security – and you’ve also heard conflicting opinions about it. To clear up some popular AppSec myths, we’ve put ...

Why it’s important to address web server-related flaws and not just the application itself

Many application vulnerabilities found during testing originate with the web server, not the application itself. Kevin Beaver discusses the importance of web server security. The post Why it’s important to address web ...