Blog

Security Insights

Deep dives, expert analysis, and practical guidance on exposure management, adversarial validation, and the future of AI-driven exposure management.

CybersecurityPayment gateway

The Critical Risk of Using Dummy Email Domains in Payment Gateways

During our recent security assessments across multiple clients, we discovered a concerning pattern: many companies are unknowingly exposing their customers' sensitive payment information through a simple yet critical misconfiguration in their Juspay integration. This issue stems from the improper us

Jan 3, 20254 min

Thought Leadership

Strobes Security 2024: Year in Review

2024 has been a year of bold moves and big wins at Strobes Security. From launching game-changing innovations to expanding globally, we’ve made strides to reshape cybersecurity for the better. Join us as we take a look back at everything we’ve achieved together. Our Evolution From Vulnerability Mana

Dec 31, 20244 min

Vulnerability Prioritization

Top CVEs & Vulnerabilities of December 2024

When it comes to cybersecurity, it’s not just the technology that evolves, it’s the threats too. Every month brings its own set of challenges, and December 2024 has been no different. But what really stood out? The vulnerabilities that had everyone talking or scrambling. In this blog, we’ll explore

Dec 31, 202410 min

Data Breaches

Top Data Breaches in December 2024

December 2024 wrapped up the year with a chilling reminder of how vulnerable we all are to data breaches. From personal information to corporate secrets, it seemed like no one was safe. With over 2,000 breaches reported this year alone, the stakes have never been higher. In this blog, we’ll walk you

Dec 31, 20243 min

Application Security

GraphQL Security Testing: A Complete Guide

GraphQL returns 200 even for errors, which blinds scanners. This guide walks schema recovery, nested-resolver BOLA, alias and batch rate-limit bypass, query-cost DoS, the tooling, and the config fixes.

Dec 26, 20247 min

Cybersecurity

Cybersecurity Budgets Set to Grow by 9%: What It Means for Companies?

Cyberattacks are on the rise, and businesses are taking notice. According to Kaspersky’s recent IT Security Economics report, companies are gearing up to increase their cybersecurity budgets by an average of 9% over the next two years. That’s a big jump, and it's happening for good reason. As cyber

Dec 17, 20247 min

OWASP

OWASP Top 10 for LLMs: Key Risks & Mitigation Strategies

The rapid advancement of AI, particularly in large language models (LLMs), has led to transformative capabilities in numerous industries. However, with great power comes significant security challenges. The OWASP Top 10 for LLMs addresses evolving threats. This article explores what's new, what’s ch

Dec 16, 202420 min

Application SecurityPenetration Testing

Top API Penetration Testing Tools for 2026

The API pentesting tools that matter in 2026, by phase: Burp, Kiterunner, mitmproxy, Schemathesis, jwt_tool, hashcat, and GraphQL tooling, with the real output each produces and where each stops.

Dec 11, 20246 min

Cybersecurity

Why Your Business Needs a Robust Malware Defense Strategy? | Strobes

Malware threats are not just a possibility they're a reality. Organizations face an ever-expanding array of sophisticated malware types, each with unique capabilities and devastating potential. A single breach can disrupt operations, erode customer trust, and inflict significant financial losses. To

Dec 10, 20247 min

Vulnerability Management

OWASP Mobile Top 10 Vulnerabilities [2025 Updated]: Key Impacts & Preventions

The OWASP Mobile Top 10 2025 highlights the most critical security risks in mobile applications, helping organizations protect user data, ensure compliance, and build digital trust. This guide explains key threats and practical strategies to address them. Learn how Strobes, with Continuous Threat Ex

Dec 10, 202436 min

Application Security

Strobes Security Scanners: Modern Enterprise Static Application Security Testing | Strobes

As organizations increasingly adopt cloud-native technologies, DevOps workflows, and containerized environments, securing applications has become more complex and critical. Cyber threats targeting applications have grown in sophistication, demanding a holistic approach to application security. This

Dec 10, 202412 min

CybersecurityData Breaches

Major Data Breaches of November 2024

As data breaches become increasingly common, the statistics reveal alarming trends: over 35 billion records have been breached throughout the year, with the average cost of a data breach rising to $4.88 million globally, a 10% increase from the previous year. This month alone saw several significant

Dec 3, 20246 min