Safeguard
Tag

dast

Safeguard articles tagged "dast" — guides, analysis, and best practices for software supply chain and application security.

62 articles

AppSec

Free Web Security Scanners: What to Expect From the Free Tier

What a free web security scanner will and won't catch, how the free tiers of popular tools are actually limited, and when you need to pay for real coverage.

May 2, 20255 min read
SecOps

Vulnerability Scanner Software: Categories and How to Choose

Network scanners, DAST, SCA, SAST, container and cloud scanners all claim the same job. Here is what each category actually finds and how to assemble coverage without buying six consoles.

Apr 22, 20255 min read
AppSec

SAST, DAST, and IAST: The Three Application Testing Types

SAST DAST IAST are three distinct testing approaches that catch different bug classes at different stages — here's how each actually works and when to run which.

Apr 2, 20255 min read
AppSec

Free Website Vulnerability Scanners: What You Actually Get

Free scanners catch the obvious stuff — missing headers, expired TLS, a handful of known CVEs — but they stop well short of what a real security program needs.

Mar 14, 20255 min read
Vulnerabilities

SQL Injection Detection: How Scanners Actually Find It

SQL injection detected in a scan report can mean very different things depending on whether it came from a static trace or a live dynamic test — here's how each actually works.

Feb 19, 20256 min read
AppSec

Bootstrapping a Secure Website Scan Workflow on a Budget

A small team can build a real scanning habit with zero budget — the trick is turning one-off checks into a repeatable workflow before traffic (and risk) grows.

Feb 18, 20256 min read
AppSec

Software Security Testing: A Practitioner's Overview

Software security testing spans static analysis, dynamic testing, dependency scanning, and manual review — a practical map of which method catches what, written for people who actually run these programs.

Sep 30, 20245 min read
Comparisons

SCA vs SAST vs DAST: Which Do You Actually Need First

Three scanner acronyms, one budget. A spec-level comparison of SCA, SAST, and DAST — what each catches, what each costs to run, and the order that pays off fastest.

Jul 2, 20246 min read
Concepts

What is IAST

IAST instruments a running application from the inside to find vulnerabilities with very low false positives. Here's how it works and how it compares to SAST and DAST.

Feb 14, 20247 min read
Concepts

What is Security Testing

Security testing is how teams find exploitable weaknesses before attackers do. Here's the main types — SAST, DAST, IAST, SCA, fuzzing, pentesting — and how they fit together.

Jan 11, 20247 min read
Application Security

DAST Tool Comparison for Enterprise: What Matters Beyond Feature Lists

Enterprise DAST tools differ in how they handle modern application architectures, API testing, and CI/CD integration. Here is what to evaluate when choosing a DAST solution.

Sep 5, 20235 min read
DevSecOps

GitLab CI Security Scanning Setup

Step-by-step guide to enabling SAST, DAST, dependency scanning, and container scanning in GitLab CI pipelines.

Mar 22, 20236 min read
dast (Page 5) — Safeguard Blog