Will AI replace human pen testers?
Application Security
12 Aug 2025
It’s become pretty standard to expect the help of AI with automating tasks, with penetration testing being no exception. As...
bug bounty program graphic in light blue with bug, money and laptop icon
Bug bounty programs: Can you rely on them 100%?
Application Security
08 Jul 2025
It’s tempting to view bug bounty programs as a cheat code – an enticing shortcut to uncover vulnerabilities by tapping...
Outpost24 logo
CVE-2024-58248: Race condition vulnerability leaves nopCommerce at risk of...
Application Security
01 Jul 2025
I recently discovered an interesting race condition vulnerability in the eCommerce software nopCommerce, during a manual pen test as part...
Graphic for blog on OAuth vulnerabilities
Tokens & traps: Seven common OAuth vulnerabilities (plus mitigations)
Application Security
18 Jun 2025
In the world of modern web applications, the OAuth flow is our trusty gatekeeper, enabling seamless logins and secure data...
Thumbnail for CyberFlex (EASM + PTaaS)
How external attack surface analysis enhances pen testing 
Application Security
19 May 2025
Despite advancements in security, web applications are still a problem. Attackers target web applications because they’re exposed, complex, and not...