Safeguard
Tag

owasp

Safeguard articles tagged "owasp" — guides, analysis, and best practices for software supply chain and application security.

104 articles

Code Security

Server-Side Request Forgery (SSRF): The Vulnerability That Unlocks Cloud Metadata

SSRF lets attackers reach internal services through your application. In cloud environments, that often means access to instance metadata and IAM credentials.

Jun 18, 20236 min read
AppSec

Modern Command Injection Prevention: Beyond the Basics

Command injection remains in the OWASP Top 10 because developers keep making the same mistakes with new tools. Here is a modern prevention guide covering containers, serverless, and CI/CD.

Apr 5, 20236 min read
Code Security

Cross-Site Scripting (XSS) Prevention: Context-Aware Encoding and Modern Defenses

XSS remains a top web vulnerability because output encoding is context-dependent. Here is how to get it right across HTML, JavaScript, URL, and CSS contexts.

Feb 12, 20236 min read
Application Security

Sensitive Data Exposure Prevention: Protecting Data at Rest, in Transit, and in Use

Data exposure is not just about encryption. It is about knowing where your sensitive data lives, how it moves, and who can access it at every stage.

Jan 15, 20236 min read
Code Security

SQL Injection Prevention in 2022: Why It Still Happens and How to Stop It

SQL injection has been the top web vulnerability for over two decades. Modern frameworks help, but they do not make it impossible. Here is what still goes wrong.

Oct 22, 20227 min read
Application Security

Security Misconfiguration Checklist: The Low-Hanging Fruit Attackers Love

Misconfigurations are the easiest vulnerabilities to find and exploit. Here is a practical checklist for web servers, frameworks, cloud services, and databases.

Sep 8, 20226 min read
Application Security

The OWASP Top 10 (2021) Through a Supply Chain Security Lens

The 2021 OWASP Top 10 added supply chain risks for the first time. Here is what each category means when your code is mostly someone else's code.

Jun 15, 20228 min read
Application Security

Broken Access Control: The Number One Web Vulnerability and How to Fix It

Access control moved to the top of the OWASP Top 10 in 2021. Here is why it is so hard to get right and what a solid authorization architecture looks like.

May 25, 20226 min read
owasp (Page 9) — Safeguard Blog