Safeguard
Topic

Application Security

In-depth guides and analysis on application security from the Safeguard engineering team.

480 articles

Application Security

OWASP API Security Top 10 risks explained

The OWASP API Security Top 10 ranks BOLA, broken auth, SSRF, and 7 more API risks behind breaches like Optus and T-Mobile — explained with real incidents.

Jun 4, 20268 min read
Application Security

Implementing the OWASP Top 10 Proactive Controls

A field guide to the OWASP Top 10 Proactive Controls: what each control requires, real breach examples like Equifax, and how to implement them in CI/CD.

Jun 4, 20267 min read
Application Security

What is SAST? Static Application Security Testing explained

SAST scans source code for vulnerabilities before deployment. Learn how it works, where it fits vs. DAST/SCA, its false-positive limits, and 2026 tooling.

Jun 4, 20267 min read
Application Security

What is DAST? Dynamic Application Security Testing explained

DAST tests running applications like an attacker would. Learn how it works, how it differs from SAST, and where it falls short.

Jun 3, 20268 min read
Application Security

SAST vs DAST vs SCA: choosing the right tool

SAST, DAST, and SCA each answer a different security question — here's what each catches, when to run them, and how to prioritize the flood of findings.

Jun 3, 20267 min read
Application Security

What Is Perimeter Protection in Application Security

Perimeter protection screens packages at the gate — but xz-utils, SolarWinds, and event-stream all slipped past firewalls. Here's what it catches, and what it misses.

Jun 2, 20267 min read
Application Security

SAST vs DAST: static and dynamic application security tes...

SAST catches insecure code before deploy; DAST tests running apps after. We compare both against JFrog's Artifactory-first model and Safeguard's supply-chain-native approach.

Jun 1, 20268 min read
Application Security

How to secure a REST API

REST API breaches from T-Mobile to Optus trace to a handful of recurring mistakes. Here's how to fix authorization, auth, injection, and rate limiting.

Jun 1, 20266 min read
Application Security

SQL injection cheat sheet: 8 best practices to prevent it

SQL injection still breaches Fortune 500s in 2026. Here are 8 concrete practices — from parameterized queries to reachability analysis — that actually stop it.

May 31, 20267 min read
Application Security

Regular Expression Denial of Service (ReDoS) explained

ReDoS turns a single crafted string into an exponential-time attack. Here's how catastrophic backtracking works, real CVEs, and how to detect it.

May 29, 20265 min read
Application Security

Zip Slip vulnerability cheat sheet

A concrete, question-driven cheat sheet on Zip Slip: how the archive-extraction path traversal bug works, real CVEs, and how to detect and fix it.

May 29, 20268 min read
Application Security

Preventing path traversal (directory traversal) attacks

Path traversal lets attackers read or write files outside a web app's directory using ../ sequences. Here's how it works and how to stop it.

May 29, 20267 min read
Application Security (Page 16) — Supply Chain Security Blog | Safeguard