Safeguard
Topic

AppSec

In-depth guides and analysis on appsec from the Safeguard engineering team.

114 articles

AppSec

Vite and Turbopack: Security Considerations for Next-Gen Build Tools

Vite and Turbopack represent the next generation of JavaScript build tools. Their architectures introduce new security considerations alongside their performance improvements.

Jan 28, 20247 min read
AppSec

Auditing AI-Generated Code: A Practical Security Guide

AI code generation tools are producing millions of lines of code daily. Here is a practical framework for auditing AI-generated code for security vulnerabilities and supply chain risks.

Jan 25, 20246 min read
AppSec

Webpack vs Rollup vs esbuild: A Security Comparison

Choosing a bundler is usually about speed and features. Here is how Webpack, Rollup, and esbuild compare on the dimension that matters most for supply chain security.

Sep 28, 20236 min read
AppSec

The Security Implications of Package Bundlers

Bundlers transform your code and dependencies into production artifacts. The security implications of this transformation are significant and widely overlooked.

May 28, 20236 min read
AppSec

Business Logic Vulnerabilities: The Flaws Scanners Cannot Find

Business logic vulnerabilities bypass every automated scanner because they are not coding errors. They are design errors. Here is how to identify and prevent them.

May 5, 20237 min read
AppSec

Modern Command Injection Prevention: Beyond the Basics

Command injection remains in the OWASP Top 10 because developers keep making the same mistakes with new tools. Here is a modern prevention guide covering containers, serverless, and CI/CD.

Apr 5, 20236 min read
AppSec (Page 10) — Supply Chain Security Blog | Safeguard