VAPT · 21 articles

VAPT

Penetration testing methodology, scoping guides, reporting, practitioner playbooks.

Security Guides

API Security in 2026: BOLA, Mass Assignment, and Authorization Patterns

The OWASP API Top 10 in operational terms. BOLA prevention patterns, RBAC vs ABAC vs ReBAC, OPA Rego policies, OpenFGA, and a…

May 22, 2026 · 9 min read
Incident Response

Scenario Brief: Critical OpenSSL Use-After-Free Reachable via TLS 1.3 Session Resumption

Tabletop-ready threat scenario: a hypothetical CVSS 9.8 use-after-free in OpenSSL TLS 1.3 session resumption. Indian BFSI patch-priority and incident-reporting drill.

May 22, 2026 · 2 min read
News

OWASP API Top 10 2026 Draft: What Changed, Mapped to Indian Fintech Reality

What’s in the 2026 draft OWASP API Security Top 10 — 2026 dropped as a working draft in April. The list reorganises…

May 14, 2026 · 7 min read
VAPT

VAPT Report: What a Good One Actually Contains

What a good VAPT report contains, with an annotated 8-section template — serving CTO, engineer, auditor, and buyer audiences — and the…

Apr 19, 2026 · 4 min read
VAPT

Network Penetration Testing: Internal vs External (2026)

Network penetration testing in 2026 — external vs internal scope, the cloud transition, tools that matter, common findings, and when traditional network…

Apr 19, 2026 · 4 min read
VAPT

Mobile Application Penetration Testing: Android + iOS Guide (2026)

Mobile app pen testing for 2026 — Android vs iOS methodology, OWASP MASVS L2 coverage, common findings, platform-specific security features, and typical…

Apr 19, 2026 · 4 min read
VAPT

API Security Testing: OWASP API Top 10 in Practice (2026)

The OWASP API Security Top 10 in 2026 practice — what each category actually looks like, how to test it, tools that…

Apr 19, 2026 · 8 min read
VAPT

VAPT vs Vulnerability Scanning: What You’re Actually Buying

Vulnerability scans and penetration tests find different things. Buying the wrong one is how organizations end up breached with a compliance document…

Apr 19, 2026 · 7 min read
VAPT

Web Application Penetration Testing Checklist (OWASP 2026)

The real-world web app pen testing checklist we use internally at RingSafe in 2026: 10 phases, from reconnaissance through reporting, with notes…

Apr 19, 2026 · 8 min read
VAPT

How Much Does a VAPT Cost in India? A 2026 Pricing Guide

Honest VAPT pricing bands in India for 2026: what ₹40,000, ₹2 lakh, and ₹15 lakh engagements actually deliver, what drives cost, and…

Apr 19, 2026 · 7 min read
1 2 3