Safeguard
Tag

appsec

Safeguard articles tagged "appsec" — guides, analysis, and best practices for software supply chain and application security.

339 articles

AppSec

Web Application Vulnerability Scanners, Compared

Web application vulnerability scanners range from free online URL checkers to full DAST platforms — here's how the categories differ and which one actually matches your risk.

Sep 23, 20255 min read
AppSec

Source Code Analysis Tools: SAST, Linters, and Semantic Engines

Not all source code analysis tools do the same job. Linters, pattern-based SAST, and semantic dataflow engines catch different bug classes, and mixing them up wastes budget.

Sep 16, 20256 min read
Application Security

How Snyk Code's security rule sets are structured and ver...

A technical look at how Snyk Code structures, scores, and versions its SAST rules — from the DeepCode AI engine to CWE mapping and custom rule bundles.

Sep 12, 20258 min read
AI Security

How Snyk Agent Fix's agentic retry loop self-corrects fai...

A technical look at how Snyk's Agent Fix uses a bounded, feedback-driven retry loop to validate and self-correct AI-generated vulnerability fixes before they reach a pull request.

Sep 10, 20258 min read
AppSec

The OWASP Top 10 API Security Risks, Explained

The OWASP Top 10 API Security Risks reorder the classic web vulnerability list around how APIs actually get broken — object-level authorization failures beat injection as the most common real-world root cause.

Sep 9, 20256 min read
Application Security

How Snyk Code's detection differs across Java, JavaScript...

Snyk Code applies one hybrid AI-plus-symbolic engine to ten languages, but rule depth, autofix coverage, and taint tracking vary widely by language.

Sep 9, 20258 min read
Application Security

How Snyk Code's confidence scoring separates high-confide...

How Snyk Code's confidence scoring works under the hood, and why "high confidence" and "severity" are not the same axis for triage.

Sep 9, 20257 min read
Security Concepts

Application Security vs Network Security: Where the Line Is

Application security vs network security comes down to what layer you're defending — code and logic versus traffic and perimeter — and most breaches now happen in the gap between them.

Sep 3, 20255 min read
Comparisons

A Checkmarx Scan: What It Actually Analyzes

A breakdown of what a Checkmarx scan actually analyzes under the hood, what its static analysis engine catches well, and where teams typically add another tool alongside it.

Aug 27, 20255 min read
AppSec

Webhooks Security: A Practical Checklist

Webhooks security is easy to get wrong because the endpoint has to trust an unauthenticated inbound request by default — here's the checklist that closes the common gaps.

Aug 22, 20255 min read
AppSec

XStream Deserialization Vulnerabilities: What You Need to Know

XStream, the popular Java XML serialization library, has a long history of deserialization vulnerabilities that lead to remote code execution when it processes untrusted input — here's what changed and how to fix it.

Aug 21, 20256 min read
AppSec

DAST Scanners: How to Choose One for Your Stack

A DAST scanner tests a running app the way an attacker would — but the options range from free crawlers to full authenticated-flow platforms. Here's how to pick.

Aug 19, 20254 min read
appsec (Page 20) — Safeguard Blog