attack surface EASM
Security through obscurity: An illusion of safety? 
Application Security
26 Feb 2025
Security through obscurity is based on the idea that if attackers don’t know how a system works or even if...

Featured Posts
Research & Threat Intel
02 Jan 2024
How to monitor your organization’s presence on the dark web
Application Security
15 Nov 2023
Can traditional pen testing keep up with modern AppSec? Ask the pen tester 
Application Security
10 Jan 2023
A pen tester’s guide to Content Security Policy

Topics

white text on blue background visualizing the overwhelming amount of data in pen testing that can lead to false positives
How to reduce false positives when pen testing web...
Application Security
12 Feb 2025
In the context of penetration (pen) testing, false positives are where the testing tools or methods identify a security vulnerability...
Outpost24’s Capture the Flag event recap: “json returns”
Application Security
31 Jan 2025
On the crisp morning of December 13th, 2024, as the clock struck 09:59 CET, anticipation filled the air. Around the...
press release
Five strategies for uncovering vulnerabilities in web applications
Application Security
19 Nov 2024
I’ve been working as an Application Security Auditor in Oupost24’s web application security testing team for almost three years now....
press release
Exploiting trust: Weaponizing permissive CORS configurations
Application Security
01 Oct 2024
If you’re a pentester, or a consumer of application security pentest reports, you’ll probably have come across Cross-Origin Resource Sharing...