Safeguard
Tag

code-review

Safeguard articles tagged "code-review" — guides, analysis, and best practices for software supply chain and application security.

45 articles

Software Supply Chain Security

How to configure GitHub branch protection rules

A practical guide to configuring GitHub branch protection rules — required reviews, status checks, and security settings that keep your main branch safe.

Feb 18, 20268 min read
AI Security

Copilot Code Review Security: What It Misses

Copilot's code review is useful. It is also not a security review, and treating it as one is how vulnerabilities ship. Here is what it actually catches.

Feb 13, 20267 min read
AppSec

The Benefits of Using SAST Tools During Code Review

The real benefit of using SAST tools during code review isn't finding more bugs than a human reviewer — it's finding the specific bugs humans consistently miss, before merge.

Nov 12, 20256 min read
DevSecOps

OWASP Secure Coding Practices: A Working Checklist

OWASP secure coding practices boil down to a handful of checks that catch most real-world vulnerabilities — here's the checklist teams actually use, not the full 200-item reference.

Sep 18, 20255 min read
AI Security

GenAI Code Review Tools: A 2025 Field Test

We field-tested five GenAI code review tools against 240 seeded security defects to see which catch real issues and which hallucinate findings.

Sep 2, 20254 min read
Application Security

How 'Vibe Coding' Culture Is Reshaping Application Securi...

AI-assisted "vibe coding" is reshaping how much code ships and how little of it gets truly reviewed. Here's what the data shows and how AppSec teams should respond.

Aug 8, 20257 min read
Industry Analysis

Do Code Review Practices Need to Change When Half the Cod...

AI now writes up to half of production code. Here is why traditional code review breaks down on AI output, and what teams need to change.

Aug 8, 20257 min read
Industry Analysis

The False Sense of Security Effect in AI-Assisted Develop...

AI coding assistants make developers write faster and trust more — even when the code is less secure. Here's what the data shows, and how to close the gap.

Aug 6, 20257 min read
DevSecOps

The Generational Divide in Attitudes Toward AI-Assisted C...

Younger developers trust AI-generated code far more than senior engineers do. That gap decides who reviews a PR before a vulnerability ships — and it's already showing up in real breaches.

Jul 17, 20257 min read
Dev Practices

Applying Git Patches Safely

Knowing how to apply a patch in git without breaking your working tree takes more than running git apply once and hoping for the best.

May 6, 20256 min read
AppSec

Secure Code Review: A Practical Checklist

Secure code reviews catch a different category of bug than functional code review, and having a repeatable checklist keeps reviewers from relying on memory for the same handful of recurring flaws.

Apr 9, 20255 min read
AppSec

Finding Vulnerabilities in Source Code: A Practical Method

A concrete, repeatable method for finding vulnerabilities in source code — combining static analysis, dependency scanning, and manual review without drowning your team in false positives.

Mar 14, 20257 min read
code-review (Page 3) — Safeguard Blog