XSS filter evasion: Why filtering doesn’t stop cross-site scripting

Polyfill supply chain attack: What to do when your CDN goes evil

How to prevent XSS attacks

What the OWASP Top 10 for LLM applications tells us about generative AI security

Making sense of AppSec vs. DevSecOps

How bad is a missing Content-Type header?

Why Predictive Risk Scoring is the smart way to do AI in application security

How to choose the right application security tools