Detectify AI-Researcher Alfred gets smarter with threat actor intelligence
Six months after launch, Alfred, the AI Agent that autonomously builds security tests, has revolutionized our workflow. Alfred has delivered over 450 validated tests against…
Category: Mix
Exploiting JWT Vulnerabilities: Advanced Exploitation Guide
Before JSON Web Tokens (JWTs) became popular in today’s app development landscape, web applications predominantly used server-side sessions, which presented horizontal scalability issues. JWTs solved…
Product comparison: Detectify vs. Rapid7
Rapid7 Pros Correlates web app vulnerabilities with underlying infrastructure risk and active threat data. Provides expansive enterprise discovery of unknown web applications and open ports.…
Anthropic Changes MCP Calls Into Filesystem-based Skills
Anthropic just came out with a new article about code execution with MCP which is pretty extraordinary. Loading external blog post… It’s nuanced, but it…
Product comparison: Detectify vs. Invicti
Invicti Pros Deep, out-of-the-box integrations with CI/CD pipelines and issue trackers enable a fully automated, closed-loop “scan-to-ticket” workflow. It supports scanning non-public, internal applications through…
What’s Intigriti’s impact and position?
You asked, and we answered. At Intigriti, we’ve been paying close attention to the questions most frequently asked by those with a bug bounty program…
Intigriti Bug Bytes #229 – October 2025
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Cool trick to find disclosed secrets in internal web extensions A…
The researcher’s desk: CVE-2025-20362 – Blog Detectify
Welcome to The Researcher’s Desk – a content series where the Detectify security research team will conduct a technical autopsy on vulnerabilities that are particularly…
Product comparison: Detectify vs. ProjectDiscovery
ProjectDiscovery Pros The entire assessment capability is built on the open-source Nuclei engine. An AppSec engineer can read, modify, and write their own nuclei templates…
What the Q3 2025 ThreatStats Report Tells Us — API Security
Wallarm’s latest Q3 2025 API ThreatStats report [link placeholder] reveals that API vulnerabilities, exploits, and breaches are not just increasing; they’re evolving. Malicious actors are…
When to Use Claude Code Skills vs Commands vs Agents
Ever since Anthropic released Skills I’ve been thinking about how to optimize my Personal AI Infrastructure using the proper hierarchy. My thoughts have been guided…
![[tl;dr sec] #303 - MCP Security Scanners, Attacking GitLab CI/CD, AI SOC Benchmarks](https://image.cybernoz.com/wp-content/uploads/2025/10/tldr-sec-303-MCP-Security-Scanners-Attacking-GitLab-CICD.png)
[tl;dr sec] #303 – MCP Security Scanners, Attacking GitLab CI/CD, AI SOC Benchmarks
I hope you’ve been doing well! Fight Robots Fight! New #PeakBayArea experience: this week I attended a TechCrunch Disrupt-adjacent event with the normal food, drinks,…