Safeguard
Topic

Application Security

In-depth guides and analysis on application security from the Safeguard engineering team.

480 articles

Application Security

WebAssembly (WASM) security considerations

A 2018 WASM cryptominer hit 4,275+ websites in a day. Learn WebAssembly's real security risks, from memory bugs to supply chain blind spots.

Apr 26, 20267 min read
Application Security

Securing gRPC microservice communication

gRPC's binary, multiplexed transport breaks REST-era security tooling. Here's how to fix mTLS gaps, reflection exposure, and per-method authorization.

Apr 26, 20267 min read
Application Security

Microservices security: authentication between services

Service-to-service auth stops lateral movement between microservices. Learn how mTLS, OAuth2, and SPIFFE/SPIRE secure internal calls in production.

Apr 26, 20267 min read
Application Security

Bringing developer-first application security to C/C++

C/C++ still powers critical infrastructure but lags in AppSec tooling. Safeguard brings SBOM, reachability, and auto-fix to native code security.

Apr 22, 20266 min read
Application Security

Consolidating AppSec tools with an ASPM platform

Most AppSec teams run 10-15 disconnected tools. Here's how ASPM platforms consolidate them, why reachability changes what "critical" means, and how to evaluate one.

Apr 21, 20266 min read
Application Security

Security debt vs security risk: how to measure both

Security debt and security risk are measured differently and demand different remediation clocks. Here's how to quantify each — and where they collide.

Apr 21, 20267 min read
Application Security

Static analysis (SAST) buyer's guide for enterprise teams

A concrete buyer's guide to enterprise SAST: false-positive rates, reachability analysis, POC criteria, SBOM integration, and real pricing benchmarks for 2026.

Apr 20, 20267 min read
Application Security

Consolidating point solutions into a unified AppSec platform

Point solutions for SAST, SCA, DAST, and secrets scanning create duplicate alerts and blind spots — here's why teams are unifying AppSec now.

Apr 19, 20267 min read
Application Security

Preventing broken access control in Express.js applications

Express.js ships with no built-in authorization layer, making broken access control easy to introduce and hard to catch with pattern-based scanners.

Apr 17, 20267 min read
Application Security

Security concerns of using the Node.js VM module as a sandbox

Node's vm module and vm2 were never a security boundary. Four critical CVEs and a 2023 deprecation prove why untrusted-code sandboxes need real isolation.

Apr 17, 20261 min read
Application Security

What is Application Security (AppSec)

Application security spans SAST, SCA, secrets and container scanning. See how AppSec differs from DevSecOps, why it's now board-level, and how Safeguard prioritizes fixes.

Apr 16, 20267 min read
Application Security

Static Application Security Testing (SAST)

SAST scans source code for exploitable flaws before deployment. Learn how it works, how it differs from DAST/SCA, and where it falls short.

Apr 16, 20266 min read
Application Security (Page 22) — Supply Chain Security Blog | Safeguard