Safeguard
Topic

Application Security

In-depth guides and analysis on application security from the Safeguard engineering team.

480 articles

Application Security

Code Review vs Static Analysis

Code review and static analysis catch different bugs at different gates. Here's how they differ, where each fails, and how to combine them.

Apr 5, 20267 min read
Application Security

Attack Surface Management (ASM): best practices guide

A practical attack surface management best practices guide for software supply chains, covering SBOMs, base image hardening, CI/CD exposure, and a 90-day rollout plan.

Apr 4, 20268 min read
Application Security

Application security assessments: a practical guide

A practical, numbers-based guide to running application security assessments -- scope, cadence, findings, and how Safeguard compares to image-hardening tools like Chainguard.

Apr 3, 20267 min read
Application Security

Next-Gen SCA Explained: What Changed in 2026

Next-gen SCA tools moved past package-tree scanning to reachability, runtime context, and exploit signal. Here's what actually changed and why it matters.

Apr 2, 20265 min read
Application Security

Attack surface reduction: practical strategies to minimiz...

Base images are one layer. Real attack surface reduction covers dependencies, build pipelines, and provenance too — here's what Chainguard's approach misses.

Apr 2, 20267 min read
Application Security

Best Secrets Detection Tools: 2026 Buyer's Guide

A field comparison of the best secrets detection tools in 2026 across precision, secret variety, and CI integration for teams hardening their supply chain.

Mar 27, 20265 min read
Application Security

Reachability Analysis for Ruby and RubyGems in 2026

Ruby reachability under metaprogramming, Rails autoloading, and Bundler groups. What bundler-audit and modern tools handle, and where they punt to over-approximation.

Mar 19, 20265 min read
Application Security

What is API Security

API security explained: what it is, why APIs are the top breach vector, the OWASP API Top 10, real breaches, and how to test and monitor endpoints.

Mar 11, 20267 min read
Application Security

API Security Testing Checklist & Best Practices

A concrete API security testing checklist covering OWASP API Top 10 risks, BOLA, SSRF, testing cadence, SAST/DAST, and how Safeguard closes the gaps.

Mar 11, 20267 min read
Application Security

How to Secure REST APIs

REST APIs keep failing the same way: BOLA, weak auth, shadow endpoints. Real breaches (T-Mobile, Optus, Peloton) and concrete fixes for each.

Mar 10, 20267 min read
Application Security

What is GraphQL Security

GraphQL's flexibility creates unique risks—excessive data exposure, DoS via nested queries, and broken field-level authorization. Here's how to defend it.

Mar 10, 20267 min read
Application Security

OWASP API Security Top 10 Explained

The 2023 OWASP API Security Top 10 explained with real breaches — T-Mobile, Optus, Peloton — plus what changed since 2019 and how to prioritize fixes.

Mar 10, 20267 min read
Application Security (Page 26) — Supply Chain Security Blog | Safeguard