application-security
Safeguard articles tagged "application-security" — guides, analysis, and best practices for software supply chain and application security.
613 articles
Checkmarx SCA: Application Security from a SAST Pioneer
A review of Checkmarx SCA covering its integration with the broader Checkmarx AST platform, vulnerability detection, and exploitability analysis capabilities.
DAST Tool Comparison for Enterprise: What Matters Beyond Feature Lists
Enterprise DAST tools differ in how they handle modern application architectures, API testing, and CI/CD integration. Here is what to evaluate when choosing a DAST solution.
IAST Explained: Why Instrumented Security Testing Catches What Others Miss
IAST combines the precision of SAST with the realism of DAST. Here is how it works, where it fits, and what it actually costs to deploy.
Runtime Application Self-Protection (RASP): A Practical Guide
RASP embeds security directly into the application runtime, detecting and blocking attacks from inside the app. It's powerful, controversial, and misunderstood. Here's what actually works.
Business Logic Vulnerabilities: The Flaws Scanners Cannot Find
Business logic vulnerabilities bypass every automated scanner because they are not coding errors. They are design errors. Here is how to identify and prevent them.
Modern Command Injection Prevention: Beyond the Basics
Command injection remains in the OWASP Top 10 because developers keep making the same mistakes with new tools. Here is a modern prevention guide covering containers, serverless, and CI/CD.
Dynamic Application Security Testing: A Practitioner's Guide to DAST Done Right
DAST finds what source code analysis cannot. Here is how to set it up, tune it, and actually get value from it in a modern CI/CD pipeline.
Race Condition Vulnerabilities in Web Applications
Race conditions in web applications lead to double-spending, privilege escalation, and data corruption. This guide covers the most common patterns, detection techniques, and practical defenses.
WAF Rule Writing Best Practices: From Alert Fatigue to Actionable Protection
Most WAF deployments drown in false positives because the rules were never tuned. Here is how to write rules that protect without blocking legitimate traffic.
Protocol Buffer Security Considerations Beyond Serialization
Protobuf is everywhere in modern infrastructure. Its security implications go beyond just serialization format choice. Here is what to watch.
SAST vs DAST vs IAST: Which Application Security Testing Approach Fits Your Pipeline?
A practical comparison of SAST, DAST, and IAST — when to use each, where they overlap, and why most teams need more than one.
The OWASP Top 10 (2021) Through a Supply Chain Security Lens
The 2021 OWASP Top 10 added supply chain risks for the first time. Here is what each category means when your code is mostly someone else's code.