Introducing Dynamic API Scanning
Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. …
Most read
Recommended reads
A practitioner’s guide to classifying every asset in your attack surface
TLDR: This article details methods and tools (from DNS records and IP addresses to HTTP analysis and HTML content) that practitioners can use to classify …
How our new engine framework helped address a critical vulnerability within the day
When a critical vulnerability in the printing system CUPS started raising alarms among security teams, Detectify had already entered war-room mode to address the situation. …
What is Detectify?
Get a 10-minute overview of how to quickly and easily get started with Detectify's AppSec platform
Watch short product demo
E-book: How does EASM compare to Pen Testing?
This e-Book compares EASM and Pen Testing by exploring each methodology's scope, objectives, and capabilities
Get the e-book
Most recent articles
Introducing Dynamic API Scanning
Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. …
EU Regulating InfoSec: How Detectify helps achieving NIS 2 and DORA compliance
**Disclaimer: The content of this blog post is for general information purposes only and is not legal advice. We are very passionate about cybersecurity rules and …
A practitioner’s guide to classifying every asset in your attack surface
TLDR: This article details methods and tools (from DNS records and IP addresses to HTTP analysis and HTML content) that practitioners can use to classify …
Redefining AppSec Testing with Intelligent Scan Recommendations and Asset Classification
The average organization is missing testing 9 out of 10 of their complex web apps that are attacker-attractive targets. To address this, we’re launching new …
Security Update: Publicly Exposed Ingress NGINX Admission
A series of vulnerabilities, known as IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974), have been identified in ingress-nginx, a widely used Kubernetes ingress controller. When exploited together, …
DNS is the center of the modern attack surface – are you protecting all levels?
If you are a mature organization, you might manage an external IP block of 65,000 IP addresses (equivalent to a /16 network). In contrast, very …
Introducing Alfred for fully autonomous AI-built vulnerability assessments
We are excited to announce Detectify Alfred, a revolutionary system that uses AI to completely autonomously collect and prioritize threat intelligence and generate high-fidelity security …
Making security a business value enabler, not a gatekeeper
The traditional perception of security within an organization is as a barrier rather than a facilitator, imposing approval processes and regulations that inevitably slow down …
Surface Monitoring
Surface Monitoring strengthens the security of your Internet-facing subdomains and detects exposed files, vulnerabilities, and misconfigurations continuously
More product information
Application Scanning
Application Scanning automatically scans custom-built applications, finds business-critical security vulnerabilities and strengthens your web app security
More product information