AppSec Blog

Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more

AppSec Testing

Penetration Testing Services: Manual or Automated?

What are Penetration Testing Services? Penetration testing (also called pentesting) is a controlled attempt to breach IT systems. Penetration testing is performed on behalf of

Vulnerabilities

CSRF Attacks: Real Life Attacks and Code Walkthrough

What is a CSRF Attack? Cross-Site Request Forgery (CSRF) attacks execute unauthorized actions on web applications, via an authenticated end-user’s connection. Threat actors typically use social

AppSec Testing

Putting the Sec in DevSecOps

Last week I had the pleasure of presenting at the Pittsburgh Cybersecurity day in partnership with ISACA. It was exciting to see more than 250

AppSec Testing

DevSecOps Tooling Best Practices

DevOps teams have become successful in releasing code at speed, whether for webapps or APIs, but with the lack of testing automation, are releasing vulnerabilities