Safeguard
Tag

application-security

Safeguard articles tagged "application-security" — guides, analysis, and best practices for software supply chain and application security.

613 articles

Application Security

Securing Laravel PHP applications

CVE-2021-3129, leaked APP_KEYs, and Eloquent mass assignment still compromise Laravel apps in 2026 — here's how each attack works and how to close it.

May 20, 20267 min read
Application Security

Securing WordPress plugin dependencies

Real CVEs, a supply-chain hack that hit 360,000 sites, and bundled-library blind spots: what WordPress plugin security actually requires in 2026.

May 19, 20266 min read
AppSec

RASP vs. SAST vs. DAST vs. IAST: How They Differ

SAST vs DAST vs IAST vs RASP comes down to when each technique looks at your application — source code, a running test instance, instrumented runtime tests, or production traffic — and picking the wrong stage leaves real gaps.

May 19, 20267 min read
Application Security

First-Party Code vs Open Source Risk: Where Should AppSec...

First-party code and open source dependencies are one attack surface. See how Safeguard's unified scanning compares to Endor Labs' open-source-first approach.

May 19, 20269 min read
Application Security

AI SAST: How AI-Native Static Analysis Finds Business Log...

Traditional SAST can't see business logic flaws because there's no bad syntax to match. Here's how AI-native static analysis finds them, and how Safeguard's approach compares to Endor Labs.

May 18, 20269 min read
Application Security

AI Security Code Review for Pull Requests

How AI code review security works in pull requests, where Endor Labs stops short, and what closes the gap between diff review and real supply chain risk.

May 18, 20269 min read
Application Security

Secrets Detection in Source Code: What Gets Missed by Reg...

Regex-based secrets scanners miss encoded, multi-line, and historical secrets in git history. Here is what a real secrets detection tool must catch.

May 18, 20268 min read
Application Security

Secrets management: tools and best practices

Secrets leak because of workflow gaps, not carelessness. Here's how vaults, scanners, and rotation policies actually stop credential exposure.

May 16, 20267 min read
Application Security

Finding and fixing exposed hardcoded secrets in GitHub projects

Hardcoded secrets leak into GitHub every day and get exploited within minutes. Here's how to find, fix, and prevent exposed credentials at scale.

May 16, 20266 min read
SBOM & Compliance

PCI DSS Requirements for Application Security Testing

PCI DSS 4.0's March 2025 deadline made SBOMs and 30-day patch SLAs mandatory. Here's what Requirements 6.3.2, 6.4.2, and 11.3 actually demand, and where Endor Labs leaves compliance gaps.

May 14, 20267 min read
Application Security

SAST vs DAST vs SCA vs IAST

SAST, DAST, SCA, and IAST each test different risk. See how Safeguard's unified platform compares to Socket.dev's SCA-focused approach to supply chain security.

May 13, 20268 min read
Compliance

GDPR compliance considerations for application security teams

GDPR's Article 32 doesn't name SAST or SBOM, but fines like Meta's €1.2B and BA's £20m trace straight back to AppSec gaps.

May 12, 20266 min read
application-security (Page 24) — Safeguard Blog