Threat modeling is an activity that helps you identify and mitigate threats. It’s very important because it makes you look at security risks top-down, focus on decision-making and prioritize cybersecurity decisions, and consider how you can use your resources in the best possible way. There…
Considerations for web application remediation testing
It seems that most application security discussions revolve around initial vulnerability scanning and penetration testing. You’ve got to start somewhere. The thing is, many people often stop at that point. Vulnerabilities are uncovered, results are passed along to developers, DevSecOps, or other technical staff, and…
Penetration testing vs vulnerability scanning
Businesses often perceive vulnerability scanning as an alternative to penetration testing. This perception is wrong. An organization conscious of cybersecurity must include both these activities in their business processes and make sure that they work in unison. Missing out on one of them greatly decreases…
Acunetix releases IAST support for JBoss, Jetty and WildFly Java servers as well as Servlet 3 and Jersey Java frameworks
A new Acunetix Premium update has been released for Windows, Linux, and macOS: 14.8.220519149. This Acunetix release introduces support for JBoss, Jetty and WildFly, allowing the Java IAST sensor (AcuSensor) to be used with these Java servers. In addition, the Java IAST sensor has been…
What is DevSecOps and how should it work?
DevSecOps stands for development, security, and operations. Similar to DevOps or SecOps, it is a concept that joins two previously separate roles into a unified environment. DevSecOps teams are responsible for providing conditions for continuous secure software development. Being a newer concept than DevOps, DevSecOps…
Four ways to combat the cybersecurity skills gap
The lack of cybersecurity talent is nothing new. It’s a problem that all businesses have been facing for several years, and it’s getting worse. There have been many proposals on how to narrow the gap, but so far all efforts have been futile. Let’s have…
Four ways AppSec analytics help your DevSecOps pros work smarter, not harder
What’s in a number? For DevSecOps professionals, the answer is “a lot.” Analytics in application security (AppSec) hold immense power, helping teams decide where to focus their priorities and pick up on patterns that uncover knowledge gaps. Reporting with clear analytics helps set standards for…
Acunetix by Invicti exhibiting at RSA Conference 2022
We’re thrilled to once again be exhibiting at the RSA Conference from June 6-9 in San Francisco. This event is undoubtedly one of the largest in the industry, convening thousands of innovators in cybersecurity from around the world to share perspectives that spark new ideas. This year’s…
How to build a cyber incident response plan
No matter how well you manage your security posture, there is always a chance that you will become a victim of a cyber attack. That is why every organization, no matter the size, should be prepared to react to a cyber incident. The key element…