Blue open lock as symbol for authentification
Six authentication vulnerabilities in web applications  
Application Security
09 Apr 2025
Authentication is used by most web applications. Both for letting users have access to individual accounts, but also for protecting...

Featured Posts
Research & Threat Intel
02 Jan 2024
How to monitor your organization’s presence on the dark web
Application Security
15 Nov 2023
Can traditional pen testing keep up with modern AppSec? Ask the pen tester 
Application Security
10 Jan 2023
A pen tester’s guide to Content Security Policy

Topics

press release
CrushFTP auth bypass vulnerability: Disclosure mess leads to attacks 
Application Security
02 Apr 2025
Outpost24 analysts recently discovered a critical authentication bypass vulnerability in CrushFTP, identified as CVE-2025-31161. The vulnerability has a CVSSv3.1 score...
attack surface EASM
Security through obscurity: An illusion of safety? 
Application Security
26 Feb 2025
Security through obscurity is based on the idea that if attackers don’t know how a system works or even if...
white text on blue background visualizing the overwhelming amount of data in pen testing that can lead to false positives
How to reduce false positives when pen testing web...
Application Security
12 Feb 2025
In the context of penetration (pen) testing, false positives are where the testing tools or methods identify a security vulnerability...
Outpost24’s Capture the Flag event recap: “json returns”
Application Security
31 Jan 2025
On the crisp morning of December 13th, 2024, as the clock struck 09:59 CET, anticipation filled the air. Around the...