Safeguard
Tag

owasp-top-10

Safeguard articles tagged "owasp-top-10" — guides, analysis, and best practices for software supply chain and application security.

71 articles

Vulnerability Analysis

What Are Parameterized Queries

Parameterized queries stop SQL injection by binding user input as data instead of parsing it as SQL — here's how they work, and where they still fail.

Jan 28, 20266 min read
Security Concepts

The OWASP Top 10: A Quick Reference for 2026

A working reference to the OWASP Top10 categories, what each one covers in plain terms, and which scanner type actually catches it.

Jan 14, 20265 min read
Vulnerability Analysis

Server-Side Request Forgery (SSRF): how it works and how to prevent it

SSRF turns a server into an attacker's proxy into your internal network. Here's how it works, what Capital One's breach taught the industry, and how to stop it.

Dec 14, 20256 min read
Vulnerability Analysis

Cross-site scripting (XSS) explained for developers

XSS has topped vulnerability lists for two decades. Here's how reflected, stored, and DOM-based XSS actually work, real incidents, and how to fix them.

Dec 14, 20257 min read
Vulnerability Analysis

SQL injection: a complete developer's guide

A developer's guide to SQL injection: how it works, why CWE-89 still ranks in MITRE's Top 25, real breaches, and how to detect and fix it.

Dec 14, 20257 min read
Vulnerability Analysis

Insecure deserialization vulnerabilities explained

Insecure deserialization vulnerabilities let attackers turn trusted classes into gadget chains for RCE. See real CVEs, affected languages, and fixes.

Dec 13, 20256 min read
Vulnerability Analysis

XML External Entity (XXE) injection explained

XXE injection lets attackers abuse XML parsers to read files, hit cloud metadata via SSRF, or crash servers — here's how it works and how to stop it.

Dec 13, 20257 min read
Vulnerability Analysis

Cross-site request forgery (CSRF) explained

CSRF forges authenticated requests using a victim's own session cookies. Learn how real attacks against Netflix and uTorrent worked, and how to stop them.

Dec 13, 20257 min read
Vulnerability Analysis

Arbitrary file upload vulnerabilities explained

Arbitrary file upload flaws (CWE-434) have caused breaches from Equifax to GitLab. Here's how they work, the CVEs that prove it, and how to stop them.

Dec 12, 20257 min read
Vulnerability Analysis

NoSQL injection vulnerabilities explained

NoSQL injection lets attackers manipulate MongoDB-style queries via operators like $ne and $where. Learn how it works, real CVEs, and fixes.

Dec 10, 20257 min read
Vulnerability Analysis

Insecure direct object reference (IDOR) explained

IDOR lets attackers access other users' data by editing an ID in a request. See how it broke USPS, Panera, and First American — and how to actually fix it.

Dec 9, 20256 min read
Vulnerability Analysis

Authentication bypass vulnerabilities explained

Authentication bypass flaws let attackers skip login entirely. See how CVE-2022-40684, CVE-2023-22515, and CVE-2021-40539 were exploited and prevented.

Dec 9, 20257 min read
owasp-top-10 (Page 5) — Safeguard Blog