Safeguard
Tag

application-security

Safeguard articles tagged "application-security" — guides, analysis, and best practices for software supply chain and application security.

613 articles

Vulnerability Analysis

CRLF injection and HTTP response splitting explained

CRLF injection lets attackers forge HTTP headers and split responses. Here's how it works, real CVEs behind it, and how to detect and stop it.

Dec 6, 20257 min read
Vulnerability Analysis

Business logic vulnerabilities explained

A business logic vulnerability breaks your app's rules, not its code. See how Starbucks, Shopify, and the DAO were exploited -- and how to detect and prevent it.

Dec 5, 20257 min read
Vulnerability Analysis

Mass assignment vulnerabilities explained

Mass assignment lets attackers write privileged fields like "role":"admin" via ordinary API calls. Learn how it works, real CVEs, and fixes.

Dec 5, 20257 min read
Vulnerability Analysis

GraphQL injection and introspection abuse explained

How GraphQL injection, introspection abuse, and alias-based DoS attacks expose APIs to data leaks—illustrated by the 2021 Peloton breach.

Dec 5, 20257 min read
Vulnerability Analysis

Prompt injection vulnerabilities in LLM applications explained

Prompt injection is OWASP's #1 LLM risk. See real CVEs like Vanna.AI's RCE flaw and how to detect and stop it.

Dec 2, 20257 min read
Vulnerability Analysis

Java deserialization gadget chains explained

Java deserialization gadget chains turn trusted classpath libraries into RCE. Learn how they work, key CVEs like CVE-2015-4852, and how to detect them.

Dec 2, 20256 min read
Vulnerability Analysis

Regular expression injection explained

Regex injection lets attackers rewrite pattern logic or trigger ReDoS. See real CVEs, exploit examples, and how to detect and fix it in your code.

Dec 2, 20257 min read
Vulnerability Analysis

Argument injection vulnerabilities explained

How argument injection (CWE-88) vulnerabilities work, real CVEs like PHPMailer and Git ssh URLs, and how teams detect and prevent CWE-88 flaws.

Dec 1, 20257 min read
Buyer's Guides

Best SAST tools for enterprise applications

A practical buyer's guide comparing top SAST tools for enterprise apps -- strengths, limitations, and how Safeguard unifies findings across your pipeline.

Nov 17, 20258 min read
Buyer's Guides

Best DAST tools for web application security testing

A practical comparison of DAST tools -- from OWASP ZAP to Invicti -- covering real strengths, limitations, and what Safeguard adds beyond runtime scanning.

Nov 16, 20259 min read
Buyer's Guides

Best IAST tools for runtime application security testing

A practical, no-fluff comparison of IAST tools for runtime application security testing — evaluation criteria, honest vendor tradeoffs, and where supply chain risk still slips through.

Nov 16, 20257 min read
Open Source Security

PHP object injection vulnerability landscape

Industry analysis of PHP object injection vulnerability trends, gadget chains, and real-world CVEs, plus how to find exploitable deserialization paths.

Nov 13, 20258 min read
application-security (Page 40) — Safeguard Blog