Safeguard
Tag

access-control

Safeguard articles tagged "access-control" — guides, analysis, and best practices for software supply chain and application security.

39 articles

Concepts

What Is Access Control?

Access control decides who can reach a resource and what they can do with it. Learn the common models, how enforcement works, and why least privilege is the guiding rule.

Jan 14, 20266 min read
Vulnerability Analysis

Authentication bypass vulnerabilities explained

Authentication bypass flaws let attackers skip login entirely. See how CVE-2022-40684, CVE-2023-22515, and CVE-2021-40539 were exploited and prevented.

Dec 9, 20257 min read
Vulnerability Analysis

Privilege escalation vulnerabilities explained

Privilege escalation vulnerabilities turn a low-privilege foothold into root or admin access. Learn how they work, key CVEs, and how to detect them.

Dec 9, 20256 min read
AI Security

Security considerations for deploying and querying vector...

Vector databases now hold copies of your most sensitive data with weaker controls than the systems they came from. Here's what to fix before your next RAG deployment.

Dec 7, 20257 min read
Vulnerability Analysis

Project Quay Improper Access Control Exposing Private Ima...

CVE-2020-27838 exposed private container images in Project Quay due to improper access control. Here's what happened, who's affected, and how to remediate it.

Nov 21, 20258 min read
AI Security

Least Privilege for AI Agents: Why It's Harder Than It So...

AI agents break least-privilege assumptions built for humans: they chain tools, act autonomously, and compose narrow scopes into broad access no one reviewed.

Jul 21, 20257 min read
Concepts

What Is ABAC (Attribute-Based Access Control)

ABAC decides access by evaluating attributes of the user, resource, action, and environment against policy rules. Learn how it works and when to choose it over roles.

Dec 3, 20246 min read
Concepts

What Is RBAC (Role-Based Access Control)

RBAC grants permissions to roles, then assigns people to roles. Learn how this model simplifies access management, its core parts, and where it fits best.

Nov 5, 20246 min read
Concepts

What Is Authorization

Authorization decides what an already-verified identity is allowed to do. Learn how it differs from authentication, how permission checks work, and the models that power them.

Jul 23, 20246 min read
DevSecOps

Code Repository Security Hardening

Your source code repository is the starting point of your entire supply chain. Hardening it against unauthorized access, code injection, and configuration tampering is non-negotiable.

Jul 8, 20246 min read
Web Security

Privilege Escalation in Web Applications: Attacks and Defenses

Privilege escalation vulnerabilities let attackers elevate their access level within an application. This guide covers both vertical and horizontal escalation techniques, real-world patterns, and concrete defenses.

Feb 5, 20247 min read
Web Security

Authorization Vulnerabilities: Prevention and Best Practices

Authorization flaws let authenticated users access resources and perform actions beyond their intended permissions. Learn the most common authorization vulnerabilities and how to build robust access control systems.

Oct 5, 20237 min read
access-control (Page 3) — Safeguard Blog