Safeguard
Tag

owasp-top-10

Safeguard articles tagged "owasp-top-10" — guides, analysis, and best practices for software supply chain and application security.

71 articles

Application Security

Preventing XML external entity (XXE) injection

XXE injection lets attackers read local files, trigger SSRF, or crash servers via XML parsers. Here is how it works and how to shut it down for good.

May 28, 20267 min read
Application Security

A guide to input validation with Spring Boot

Spring Boot doesn't validate input by default. Here's how Bean Validation actually works, where teams get it wrong, and how missing validation leads to injection and mass assignment.

May 25, 20266 min read
Application Security

Improving GraphQL security with static analysis

GraphQL's flexible query model breaks REST-era security assumptions. Here's how static analysis catches introspection leaks, DoS, and BOLA before deploy.

Apr 27, 20266 min read
Application Security

Preventing broken access control in Express.js applications

Express.js ships with no built-in authorization layer, making broken access control easy to introduce and hard to catch with pattern-based scanners.

Apr 17, 20267 min read
Application Security

Web Application Security Risks & Best Practices

Web app flaws like MOVEit and Log4Shell keep causing breaches. Here's what's actually exploitable in 2026, and how to fix it before attackers do.

Apr 10, 20267 min read
Vulnerability Analysis

What is Cross-Site Scripting (XSS)

XSS lets attackers inject malicious JavaScript into trusted pages. Learn how stored, reflected, and DOM-based XSS work, real breaches, and defenses.

Apr 1, 20267 min read
Vulnerability Analysis

What is SQL Injection (SQLi)

SQL injection (CWE-89) lets attackers rewrite database queries via untrusted input — here's how SQLi works, its types, severity, and how to prevent it.

Apr 1, 20267 min read
Vulnerability Analysis

How Does SQL Injection Work

A technical walkthrough of how SQL injection works, the main attack variants, real breaches it caused, and how to detect and prevent it.

Mar 31, 20267 min read
Vulnerability Analysis

What is Cross-Site Request Forgery (CSRF)

CSRF forges an authenticated request using a victim's own session cookie. Learn how it works, real Gmail/YouTube cases, and how to detect and fix it.

Mar 31, 20267 min read
Vulnerability Analysis

What is Server-Side Request Forgery (SSRF)

SSRF turns a server's own trusted network position against it. Learn how the Capital One breach happened, real CVEs, and how to detect and prevent it.

Mar 31, 20266 min read
Vulnerability Analysis

What is Path Traversal

Path traversal (CWE-22) lets attackers escape a web root using ../ sequences to read or write arbitrary files. Here's how it works, real breaches, and fixes.

Mar 30, 20266 min read
Vulnerability Analysis

What is XML External Entity (XXE) Injection

XXE injection lets attackers abuse XML parsers to read files, trigger SSRF, or crash services. Here's how it works, real CVEs, and how to stop it.

Mar 30, 20266 min read
owasp-top-10 (Page 3) — Safeguard Blog