How to prepare for an API penetration test
Julio Fort
May 10, 2026
Your one-stop guide to preparing for an API penetration test. Understand the process, the tools, and common vulnerabilities.
Blog
Industry Insights from our cybersecurity experts
News and insights on the cybersecurity industry and trending topics. Regular updates, commentary, and the point of view from Blaze’s world-class cyber experts.
Common SaaS Vulnerabilities: Penetration Testing Findings in 2025
Joana Coelho
May 7, 2026
A practical look at the common SaaS vulnerabilities pentests uncover across APIs, tenants, services, and authorization flows.
Common Pentest Findings in Finance & Fintech
Ewelina Baran
May 4, 2026
Finance and fintech platforms protect some of the most valuable digital assets. This article explores the vulnerabilities that most often put that trust at risk, from data exposure to access control and mobile security gaps.
How Boards Can Move From Reactive To Proactive Cybersecurity In 2026 And Beyond
Julio Fort
April 28, 2026
Boards are under growing pressure to understand cyber exposure before an incident forces action. Better reporting can help directors focus on risk, impact and accountability.
10 Questions to Ask Pentest Providers
Joana Coelho
April 28, 2026
Choosing a pentest provider can be difficult when many vendors describe their services in similar terms. These 10 questions can help you compare methodology, expertise, reporting, and follow-up support more effectively.
Common Security Vulnerabilities in the Healthcare Sector
Joana Coelho
April 27, 2026
What do common healthcare vulnerabilities say about risk in healthcare systems? This article uses Blaze’s penetration testing data to examine the patterns emerging across the sector.
Common Ecommerce Vulnerabilities: What 242 Penetration Tests Reveal
Ewelina Baran
April 27, 2026
This article breaks down the most common ecommerce vulnerabilities found in real retail environments. See what attackers target most, and what the data says about where to focus first.
Common PCI DSS Penetration Testing Findings
Ewelina Baran
April 21, 2026
PCI DSS pentests often uncover fewer findings than broader assessments, but the findings that remain are more likely to affect the controls protecting cardholder data. This article looks at the issues that appear most often and what they mean.
MITRE Fight Fraud Framework: How F3 Extends ATT&CK Into Financial Fraud
Joana Coelho
April 16, 2026
MITRE’s new Fight Fraud Framework (F3) helps analysts model how cyber-enabled fraud unfolds after compromise. This article explains what F3 is, how it differs from ATT&CK, and why it matters for fraud detection and investigation.
