Microsoft and Azure's Post-Message Exploitation

Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs.

Segment Resources: - [AppSec Indicator Spring 2023 edition | Invicti](https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand)

This segment is sponsored by Invicti.

Visit [securityweekly.com/invicti](https://securityweekly.com/invicti) to learn more about them!

 In the news, two XSS vulns via postMessage methods in Azure, how to choose (and move on from) a web research topic, OpenSSF finances a security developer-in-residence for Python, more infosec myths, free cybersecurity training resources.

Visit [securityweekly.com/asw](https://securityweekly.com/asw) for all the latest episodes!

Follow us on Twitter: [@SecWeekly](https://www.twitter.com/secweekly)

Like us on Facebook: [facebook.com/secweekly](https://www.facebook.com/secweekly)

Visit https://securityweekly.com/asw for all the latest episodes!

 Show Notes: https://securityweekly.com/asw-245