Safeguard
Tag

owasp-top-10

Safeguard articles tagged "owasp-top-10" — guides, analysis, and best practices for software supply chain and application security.

71 articles

Vulnerability Analysis

What is Insecure Deserialization

Insecure deserialization (CWE-502) lets attackers turn untrusted object data into remote code execution. Here's how the attack works and how to stop it.

Mar 29, 20267 min read
Vulnerability Analysis

What is Broken Access Control

Broken access control is OWASP's #1 web risk, found in 94% of apps tested. See how IDOR flaws breached First American, USPS, and Parler.

Mar 28, 20266 min read
Vulnerability Analysis

What is Insecure Direct Object Reference (IDOR)

IDOR lets attackers access other users data just by changing an ID in a URL or API call. Learn how it works, real breaches, and how to fix it.

Mar 28, 20267 min read
Vulnerability Analysis

What is LDAP Injection

LDAP injection lets attackers manipulate directory queries to bypass authentication or dump directory data. Here's how it works, real CVEs, and how to stop it.

Mar 27, 20266 min read
Vulnerability Analysis

What is Prototype Pollution

Prototype pollution lets attackers corrupt Object.prototype via unsafe merges, turning a data bug in lodash, jQuery, or minimist into RCE.

Mar 24, 20266 min read
Vulnerability Analysis

What is a Business Logic Vulnerability

Business logic vulnerabilities exploit correct code enforcing the wrong rules. Learn what they are, real breach examples, and how to detect them.

Mar 24, 20266 min read
Vulnerability Analysis

What is Broken Authentication

Broken authentication lets attackers assume another user's identity via credential stuffing, forged tokens, or auth-bypass CVEs like Fortinet's CVE-2022-40684.

Mar 23, 20266 min read
Vulnerability Analysis

What Are Cryptographic Failures

Cryptographic failures are OWASP's #2 Top 10 risk — weak, missing, or broken encryption. See real breaches, causes, and how to detect and fix them.

Mar 23, 20267 min read
Vulnerability Analysis

What Are Security Logging and Monitoring Failures

Equifax went undetected for 76 days, Marriott for four years. Here's what security logging and monitoring failures are, why they happen, and how to close the gap.

Mar 22, 20267 min read
Industry Analysis

XXE (XML External Entity) attack

A precise breakdown of what an XXE attack is, how XML external entity injection works, a real-world exploit example, the billion laughs attack, and prevention techniques.

Feb 25, 20266 min read
Vulnerability Analysis

What is Input Validation

Input validation stops malicious data at the door. See the CVEs — Equifax, Log4Shell, MOVEit — that prove why skipping it, or doing it wrong, is so costly.

Jan 28, 20266 min read
Vulnerability Analysis

What is Output Encoding

Output encoding neutralizes untrusted data before it reaches a browser or database -- the last line of defense against XSS, and most teams still get it wrong.

Jan 28, 20267 min read
owasp-top-10 (Page 4) — Safeguard Blog