How to reduce false positives when pen testing web apps
Application Security
In the context of penetration (pen) testing, false positives are where the testing tools or methods identify a security vulnerability...
Outpost24’s Capture the Flag event recap: “json returns”
Application Security
On the crisp morning of December 13th, 2024, as the clock struck 09:59 CET, anticipation filled the air. Around the...
press release
Five strategies for uncovering vulnerabilities in web applications
Application Security
I’ve been working as an Application Security Auditor in Outpost24’s web application security testing team for almost three years now....
press release
Exploiting trust: Weaponizing permissive CORS configurations
Application Security
If you’re a pentester, or a consumer of application security pentest reports, you’ll probably have come across Cross-Origin Resource Sharing...
CSRF simplified: A no-nonsense guide to Cross-Site Request Forgery
Application Security
Cross-Site Request Forgery (CSRF) is a serious web security vulnerability that allows attackers to exploit active sessions of targeted users...