AppSec Blog

Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more

AppSec Testing

8 Great Snyk Alternatives

What is Snyk? Snyk is an application security testing tool that lets you identify and remediate vulnerabilities in open source components, proprietary source code, containers,

Vulnerabilities

XSS Attack: 3 Real Life Attacks and Code Examples

What is an XSS Attack? A cross-site scripting (XSS) attack injects malicious code into vulnerable web applications. XSS does not target the application directly. Instead,

AppSec Testing

DevOps Testing: The Basics and 5 Best Practices

What Is DevOps Testing? DevOps is a methodology promoting close communication and cooperation between development and operations teams. Implementing DevOps requires adopting certain tools and

AppSec Testing

What is Penetration Testing as a Service (PTaaS)?

Organizations are under constant threat from a wide variety of vulnerabilities. Security professionals can be slow to identify and remediate vulnerabilities in software and IT

AppSec Testing

Black-Box Penetration Testing: Pros and Cons

What is Black-Box Penetration Testing? The term black-box penetration testing (pentesting) refers to external tests aimed at identifying vulnerabilities in systems, applications, or networks. Unlike

DevSecOps
AppSec Testing

What Is DevSecOps? Adding Security to the SDLC

DevSecOps is a strategic approach that unites development, security, operations, and infrastructure as code (IaaS) in a continuous and automated delivery cycle. DevSecOps aims to