bug bounty program graphic in light blue with bug, money and laptop icon
Bug bounty programs: Can you rely on them 100%?
Application Security
08 Jul 2025
It’s tempting to view bug bounty programs as a cheat code – an enticing shortcut to uncover vulnerabilities by tapping...

Featured Posts
Research & Threat Intel
02 Jan 2024
How to monitor your organization’s presence on the dark web
Application Security
15 Nov 2023
Can traditional pen testing keep up with modern AppSec? Ask the pen tester 
Application Security
10 Jan 2023
A pen tester’s guide to Content Security Policy

Topics

Outpost24 logo
CVE-2024-58248: Race condition vulnerability leaves nopCommerce at risk of...
Application Security
01 Jul 2025
I recently discovered an interesting race condition vulnerability in the eCommerce software nopCommerce, during a manual pen test as part...
Graphic for blog on OAuth vulnerabilities
Tokens & traps: Seven common OAuth vulnerabilities (plus mitigations)
Application Security
18 Jun 2025
In the world of modern web applications, the OAuth flow is our trusty gatekeeper, enabling seamless logins and secure data...
Thumbnail for CyberFlex (EASM + PTaaS)
How external attack surface analysis enhances pen testing 
Application Security
19 May 2025
Despite advancements in security, web applications are still a problem. Attackers target web applications because they’re exposed, complex, and not...
Blue open lock as symbol for authentification
6 common authentication vulnerabilities in web apps  
Application Security
09 Apr 2025
Authentication is used by most web applications. Both for letting users have access to individual accounts, but also for protecting...