Discussion

Arshan Dabirsiaghi

security nerd

Jul 10, 2025

SAST is just crazy bad at XSS

XSS is one of the more serious things in appsec, and it's pretty prevalent. It’s also one of those things that is super hard to find accurately via static analysis. And, vendors don’t want to miss it — so, typically any data that gets to a response, ...

nahsra.hashnode.dev4 min read

#xss #sast #ai #security #appsec #devsecops #security-testing

Responses(1)

RD

Ryan Dens

Developer productivity and application security

Jul 10, 2025

It's crazy to me how much noise appsec/prod sec engineers have to sift through to get actionable, validated insights on their code.

"Example 1 of 10 Million" really got me 🤣

Recent in Forum

A
I Replaced ChatGPT With Google NotebookLM — Here’s My Audit & Workflow
11A1h ago
S
Hi, I'm Shubham kahar
12S R7h ago
D
Hi, I'm ddtamn
21R14h ago
J
How I used Python asyncio to trade a 55 second oracle lag on Polymarket
1P22h ago
D
🚀 Launching another one 🙃 LLMs.txt Generator!
22h ago

View all threads

Search Hashnode

SAST is just crazy bad at XSS

Responses(1)

Recent in Forum