Safeguard
Tag

industry-analysis

Safeguard articles tagged "industry-analysis" — guides, analysis, and best practices for software supply chain and application security.

85 articles

Industry Analysis

Remote attestation fundamentals for confidential computin...

A practical look at remote attestation for confidential computing: how enclave protocols and hardware verification prove workloads haven't been tampered with.

Dec 11, 20257 min read
Industry Analysis

Key security risks unique to WebAssembly runtimes and mod...

WebAssembly runs your edge functions, service mesh plugins, and smart contracts. Here are the WebAssembly security risks hiding behind the sandbox.

Dec 11, 20258 min read
Industry Analysis

How the WASI security model constrains system access for ...

WASI's capability model gives Wasm modules only the exact files, sockets, and resources they're explicitly granted—but misconfiguration and runtime bugs still leave real gaps to close.

Dec 10, 20257 min read
Industry Analysis

Practical steps to secure third-party WebAssembly plugins...

A step-by-step guide to securing third-party WebAssembly plugins in production: sandboxing, capability restriction, resource limits, provenance checks, and runtime monitoring.

Dec 10, 20258 min read
Industry Analysis

Security considerations for running WebAssembly at the ed...

Wasm's sandbox is safe by default, not safe by construction. Here's where edge WebAssembly security breaks down -- in browsers, at the edge, and in the build pipeline.

Dec 10, 20257 min read
Industry Analysis

NoSQL Injection Attack Techniques

NoSQL injection lets attackers bypass logins and hijack MongoDB/CouchDB apps using operators like $ne and $where. Here's how it works and how to stop it.

Nov 9, 20258 min read
Industry Analysis

Prototype Pollution in JavaScript Applications

Prototype pollution has hit lodash, jQuery, and minimist with real CVEs, from DoS to RCE. Here's how the bug works and how Safeguard catches it before it ships.

Nov 8, 20257 min read
Industry Analysis

Code Injection via eval() and exec() Across Languages

eval() and exec() turn dynamic code execution into remote code execution. A cross-language look at how it happens in Python, JS, PHP, and Ruby.

Nov 7, 20257 min read
Industry Analysis

Broken Function Level Authorization (BFLA) in APIs

BFLA lets a regular user call admin-only API functions. Here's how the USPS, Peloton, and Coinbase incidents happened — and how to catch it before attackers do.

Nov 7, 20257 min read
Industry Analysis

Unrestricted Access to Sensitive Business Flows

OWASP's API10:2023 category covers a threat scanners can't see: bots abusing legitimate business flows like checkout and ticketing at scale. Here's how it works.

Nov 6, 20257 min read
Industry Analysis

Unsafe Consumption of Third-Party APIs

Third-party APIs get trusted more than user input ever would — and attackers know it. Real breaches from Polyfill.io to 3CX show why that trust is misplaced.

Nov 6, 20257 min read
Industry Analysis

CORS Misconfiguration Vulnerabilities

CORS misconfiguration vulnerabilities let attackers steal authenticated API data with a single reflected Origin header. Here's how they happen and how to catch them before release.

Nov 4, 20256 min read
industry-analysis (Page 5) — Safeguard Blog