Web Security Insights for CISOs

TLDR: This article details methods and tools (from DNS records and IP addresses to HTTP analysis and HTML content) that practitioners can use to classify … The post A practitioner’s guide to classifying every asset in your attack surface appeared first on Blog Detectify.

The average organization is missing testing 9 out of 10 of their complex web apps that are attacker-attractive targets.  To address this, we’re launching new … The post Redefining AppSec Testing with Intelligent Scan Recommendations and Asset Classification appeared first on Blog Detectify.

A series of vulnerabilities, known as IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974), have been identified in ingress-nginx, a widely used Kubernetes ingress controller. When exploited together, … The post Security Update: Publicly Exposed Ingress NGINX Admission appeared first on Blog Detectify.

If you are a mature organization, you might manage an external IP block of 65,000 IP addresses (equivalent to a /16 network). In contrast, very … The post DNS is the center of the modern attack surface – are you protecting all levels? appeared first on Blog Detectify.

We are excited to announce Detectify Alfred, a revolutionary system that uses AI to completely autonomously collect and prioritize threat intelligence and generate high-fidelity security … The post Introducing Alfred for fully autonomous AI-built vulnerability assessments appeared first on Blog Detectify.

The traditional perception of security within an organization is as a barrier rather than a facilitator, imposing approval processes and regulations that inevitably slow down … The post Making security a business value enabler, not a gatekeeper  appeared first on Blog Detectify.

There’s often a lack of understanding when it comes to Dynamic Application Security Testing (DAST) as a methodology versus DAST as a tool. How do … The post How Detectify embraces the best of both DAST and ASM appeared first on Blog Detectify.

At Detectify, we help customers secure their attack surface. To effectively and comprehensively test their assets, we must send a very high volume of requests … The post Sending billions of daily requests without breaking things with our rate limiter appeared first on Blog Detectify.

When was the last time you checked DNS configurations for subdomains pointing at services not in use? According to Crowdsource ethical hacker Thomas Chauchefoin, while … The post How to Prevent a Subdomain Takeover in Your Organization appeared first on Blog Detectify.

A critical vulnerability (CVE-2025-0282) has been identified in Ivanti Connect Secure, Policy Secure, and ZTA Gateways. This vulnerability could allow unauthenticated remote attackers to achieve … The post Security Update: Ivanti Connect Secure (CVE-2025-0282) appeared first on Blog Detectify.