Safeguard
Topic

Application Security

In-depth guides and analysis on application security from the Safeguard engineering team.

480 articles

Application Security

API security and the rise of shadow/zombie APIs

Shadow and zombie APIs caused breaches at Optus, T-Mobile, and Peloton. Here's why code-scanning tools miss them and what API security best practices actually work.

Jun 26, 20267 min read
Application Security

Secrets detection and remediation best practices

Leaked API keys still cause breaches within minutes. Here's how secrets detection and remediation should work in practice, and where scanner-only tools fall short.

Jun 26, 20268 min read
Application Security

What is Static Application Security Testing (SAST)

SAST scans source code for flaws before deployment. Learn how it works, where Checkmarx-style tools fall short on supply chain risk, and how Safeguard closes the gap.

Jun 23, 20268 min read
Application Security

Interactive Application Security Testing (IAST) explained

IAST tests applications from the inside while they run, catching flaws SAST and DAST miss alone. Here's how it works, how Checkmarx uses it, and where gaps remain.

Jun 23, 20268 min read
Application Security

Static Analysis Tools compared

Veracode built its name on SAST, DAST, and SCA for application code. Safeguard focuses static analysis on the software supply chain. Here's how the two actually differ.

Jun 22, 20267 min read
Application Security

Application Security: The Complete Guide

What is application security? A concrete guide covering AppSec fundamentals, OWASP Top 10 risks, supply chain threats, and how Safeguard fills the gaps legacy tools like Veracode leave open.

Jun 21, 202612 min read
Application Security

Top AWS security misconfigurations and how to fix them

A practical AWS misconfigurations cheat sheet — IAM, S3, security groups, logging, and snapshots — with real breach data and exact fixes.

Jun 21, 20266 min read
Application Security

The AWS shared responsibility model explained

AWS secures the cloud; you secure what's in it. Here's exactly where that line falls across EC2, RDS, Lambda, and EKS -- with real breach examples.

Jun 20, 20266 min read
Application Security

Software Development Lifecycle (SDLC) security

A secure SDLC needs more than periodic scans. See where Veracode's upload-and-scan model leaves supply chain gaps, and how continuous, provenance-aware security closes them.

Jun 20, 20268 min read
Application Security

How to secure an Amazon S3 bucket

S3 misconfigurations have caused breaches from Verizon to Pegasus Airlines. Here's what actually secures a bucket—defaults, policies, encryption, and monitoring that hold.

Jun 20, 20268 min read
Application Security

Vulnerability Scanner Tools: how they work

A breakdown of how SAST, DAST, SCA, and container vulnerability scanner tools actually work, where Veracode fits, and why false positives remain the industry's biggest problem.

Jun 20, 20267 min read
Application Security

AWS IAM permissions boundaries best practices

How AWS IAM permissions boundaries cap delegated identities, differ from SCPs, and where teams get privilege escalation wrong.

Jun 20, 20267 min read
Application Security (Page 14) — Supply Chain Security Blog | Safeguard