Category: Mix
There’s a popular idea going around right now about renaming “prompt engineering” to “context engineering.” The argument is that context…
While performing a penetration test for one of our Continuous Penetration Testing customers, we’ve found a Wing FTP server instance…
Can LLMs red team AI, intro to detection engineering, how to scale security impact via cross-team partnerships. I hope you’ve…
AI has had dramatic impacts on almost every facet of every industry. API security is no exception. Up until recently,…
Don’t get me wrong—Cursor is genuinely awesome. It’s probably the best AI-native code editor ever built, with incredibly thoughtful integrations…
Sharing thoughts and approaches on DevSecOps, which integrates development (Dev), security (Sec), and operations (Ops) to embed security throughout the…
Organizations are adopting bug bounty programs more and more as part of a layered security strategy to address the skills…
A summary of common security vulnerabilities in GraphQL and their mitigation strategies. GraphQL provides superior flexibility and efficiency compared to…
In this article, I’ll explain Server-Sent Events (SSE), one of the technologies for implementing real-time data communication in web applications….
A guide on securing WebSocket to protect real-time applications from common vulnerabilities. This article covers the security vulnerabilities of WebSocket,…
Cookies play a crucial role in web applications, but at the same time, they require careful attention to security settings….
A guide to understanding and implementing Subresource Integrity (SRI) for enhanced web security. Subresource Integrity (SRI) is a security feature…


![[tl;dr sec] #285 – AI Red Teaming, Detection Engineering Field Manual, Building AppSec Partnerships](https://image.cybernoz.com/wp-content/uploads/2025/06/tldr-sec-285-AI-Red-Teaming-Detection-Engineering-Field.png)







