Safeguard
Topic

Application Security

In-depth guides and analysis on application security from the Safeguard engineering team.

480 articles

Application Security

.NET and NuGet dependency vulnerability management

NuGet packages have delivered RATs, crypto stealers, and undisclosed data collection to .NET teams. Here's how to detect and defend against .NET/NuGet supply chain risk.

May 20, 20267 min read
Application Security

Securing Laravel PHP applications

CVE-2021-3129, leaked APP_KEYs, and Eloquent mass assignment still compromise Laravel apps in 2026 — here's how each attack works and how to close it.

May 20, 20267 min read
Application Security

Securing WordPress plugin dependencies

Real CVEs, a supply-chain hack that hit 360,000 sites, and bundled-library blind spots: what WordPress plugin security actually requires in 2026.

May 19, 20266 min read
Application Security

First-Party Code vs Open Source Risk: Where Should AppSec...

First-party code and open source dependencies are one attack surface. See how Safeguard's unified scanning compares to Endor Labs' open-source-first approach.

May 19, 20269 min read
Application Security

AI SAST: How AI-Native Static Analysis Finds Business Log...

Traditional SAST can't see business logic flaws because there's no bad syntax to match. Here's how AI-native static analysis finds them, and how Safeguard's approach compares to Endor Labs.

May 18, 20269 min read
Application Security

AI Security Code Review for Pull Requests

How AI code review security works in pull requests, where Endor Labs stops short, and what closes the gap between diff review and real supply chain risk.

May 18, 20269 min read
Application Security

Secrets Detection in Source Code: What Gets Missed by Reg...

Regex-based secrets scanners miss encoded, multi-line, and historical secrets in git history. Here is what a real secrets detection tool must catch.

May 18, 20268 min read
Application Security

Secrets management: tools and best practices

Secrets leak because of workflow gaps, not carelessness. Here's how vaults, scanners, and rotation policies actually stop credential exposure.

May 16, 20267 min read
Application Security

Finding and fixing exposed hardcoded secrets in GitHub projects

Hardcoded secrets leak into GitHub every day and get exploited within minutes. Here's how to find, fix, and prevent exposed credentials at scale.

May 16, 20266 min read
Application Security

SAST vs DAST vs SCA vs IAST

SAST, DAST, SCA, and IAST each test different risk. See how Safeguard's unified platform compares to Socket.dev's SCA-focused approach to supply chain security.

May 13, 20268 min read
Application Security

Endor Labs vs Snyk SCA 2026

Endor Labs built its SCA platform around reachability from day one. How does that architectural bet compare to Snyk's incumbent position in 2026?

May 12, 20266 min read
Application Security

Taint Analysis vs Reachability: What You Actually Need in 2026

Taint and reachability sound similar and answer different questions. Here is when each one matters, where vendors blur the line, and how to use both.

May 6, 20266 min read
Application Security (Page 20) — Supply Chain Security Blog | Safeguard