Safeguard
Tag

application-security

Safeguard articles tagged "application-security" — guides, analysis, and best practices for software supply chain and application security.

613 articles

Application Security

How Snyk Code suppressions and in-file ignore annotations...

How Snyk Code's in-file ignore annotations and UI-based suppressions work mechanically, from fingerprinting to Consistent Ignores, and where governance gaps appear.

Sep 10, 20257 min read
Application Security

How Snyk Code's incremental scanning speeds up repeated s...

Snyk Code speeds up repeat SAST scans on large codebases by re-analyzing only changed files instead of the whole repository each time.

Sep 10, 20257 min read
Application Security

How Snyk Agent Fix uses dynamic few-shot prompting to gen...

How Snyk Agent Fix uses dynamic few-shot prompting and a 35,000-example database to generate, validate, and iteratively repair AI-generated code fixes.

Sep 10, 20257 min read
Application Security

Why Snyk Agent Fix scopes fixes to a single file, and wha...

Snyk Agent Fix patches one file per finding. Here's why that scope exists, which vulnerability classes need multi-file fixes, and how to catch what a single-file patch leaves behind.

Sep 9, 20257 min read
AppSec

Reading a SAST Report: Findings, Traces, and Triage

A SAST report is a list of claims, not a list of bugs. How to read data-flow traces, judge severity honestly, and run a triage workflow that keeps the queue moving.

Sep 9, 20256 min read
Application Security

How Snyk Code's detection differs across Java, JavaScript...

Snyk Code applies one hybrid AI-plus-symbolic engine to ten languages, but rule depth, autofix coverage, and taint tracking vary widely by language.

Sep 9, 20258 min read
Application Security

How Snyk Code integrates with GitHub Advanced Security th...

A technical walkthrough of how Snyk Code's SARIF output is generated, uploaded, and deduplicated inside GitHub Advanced Security's code scanning pipeline.

Sep 9, 20257 min read
Application Security

How Snyk Code's confidence scoring separates high-confide...

How Snyk Code's confidence scoring works under the hood, and why "high confidence" and "severity" are not the same axis for triage.

Sep 9, 20257 min read
Application Security

How Snyk Code analyzes API usage patterns to catch insecu...

A technical look at how Snyk Code's symbolic engine and taint tracking flag insecure API calls like weak crypto, XXE, and SSRF before code ships.

Sep 8, 20257 min read
Application Security

How Snyk Code detects path traversal vulnerabilities thro...

How Snyk Code uses interprocedural data-flow tracing—not regex matching—to catch path traversal (CWE-22) by connecting tainted sources to file-system sinks.

Sep 8, 20258 min read
Application Security

How Snyk Code's duplicate and similar-code detection supp...

Snyk Code once shipped duplicate and similar-code detection under its Code Quality rules. Here's how it worked, and what its 2025 retirement means for teams.

Sep 8, 20257 min read
Application Security

How 'Vibe Coding' Culture Is Reshaping Application Securi...

AI-assisted "vibe coding" is reshaping how much code ships and how little of it gets truly reviewed. Here's what the data shows and how AppSec teams should respond.

Aug 8, 20257 min read
application-security (Page 46) — Safeguard Blog