Vulnerability Analysis
In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.
568 articles
What is Social Engineering
Social engineering causes 68% of breaches per Verizon's 2024 DBIR. Learn how it works, common attack types, and how it threatens the software supply chain.
What is Malware
Malware now hides in open source packages and CI pipelines, not just email attachments. Here's what it is, how it spreads, and how to catch it early.
What is Ransomware
Ransomware costs organizations $2.73M on average to recover from. Learn how it works, its top infection vectors, and how to defend against it.
What is Zip Slip Vulnerability
Zip Slip lets attackers escape archive extraction via path traversal to overwrite files and gain code execution. Here's how it works and how to stop it.
What is Prototype Pollution
Prototype pollution lets attackers corrupt Object.prototype via unsafe merges, turning a data bug in lodash, jQuery, or minimist into RCE.
What is a Business Logic Vulnerability
Business logic vulnerabilities exploit correct code enforcing the wrong rules. Learn what they are, real breach examples, and how to detect them.
What Are Hardcoded Credentials
Hardcoded credentials are secrets baked into code instead of a vault. Toyota, Uber, and Samsung breaches show why that risk never expires on its own.
What is Sensitive Data Exposure
Sensitive data exposure covers everything from unencrypted databases to hardcoded secrets. Learn what causes it, real breach examples, and how to detect it early.
What is Broken Authentication
Broken authentication lets attackers assume another user's identity via credential stuffing, forged tokens, or auth-bypass CVEs like Fortinet's CVE-2022-40684.
What Are Cryptographic Failures
Cryptographic failures are OWASP's #2 Top 10 risk — weak, missing, or broken encryption. See real breaches, causes, and how to detect and fix them.
What Are Security Logging and Monitoring Failures
Equifax went undetected for 76 days, Marriott for four years. Here's what security logging and monitoring failures are, why they happen, and how to close the gap.
Use of Components with Known Vulnerabilities
Equifax lost 147M records to one unpatched library. Here's what "components with known vulnerabilities" means and how reachability analysis fixes the triage problem.