sast
Safeguard articles tagged "sast" — guides, analysis, and best practices for software supply chain and application security.
267 articles
XXE Prevention in Java: Hardening DocumentBuilderFactory
Java's DocumentBuilderFactory parses XML with external entities on by default, turning XML uploads into file-read and SSRF vectors. Here is how to lock it down.
Secure Random Number Generation in Go with crypto/rand
Go's math/rand is fast but predictable. Here's why crypto/rand is the only safe choice for tokens, keys, and nonces -- and what changed in Go 1.20-1.24.
OWASP Secure Coding Practices: A Working Checklist
OWASP secure coding practices boil down to a handful of checks that catch most real-world vulnerabilities — here's the checklist teams actually use, not the full 200-item reference.
Source Code Analysis Tools: SAST, Linters, and Semantic Engines
Not all source code analysis tools do the same job. Linters, pattern-based SAST, and semantic dataflow engines catch different bug classes, and mixing them up wastes budget.
SCA vs Static Code Analysis: The Real Difference
Software composition analysis and static code analysis get lumped together constantly, but they read entirely different things and catch entirely different bugs.
How Snyk Code's semantic analysis engine builds a code mo...
A mechanical look at how Snyk Code's semantic analysis engine parses source into a code model, tracks data flow across files, and prioritizes vulnerability findings.
Inside DeepCode AI: how Snyk Code's ML models are trained...
How Snyk's DeepCode AI turns millions of open-source commit fixes into the symbolic-AI and ML models powering Snyk Code's vulnerability detection and autofixes.
How taint analysis works in Snyk Code: tracking data from...
Snyk Code traces untrusted data from source to sink using interprocedural static analysis and ML ranking. Here's how the taint-tracking mechanics work.
How Snyk Code performs interprocedural data-flow analysis...
How Snyk Code tracks tainted data across function and file boundaries using call-graph summaries, taint propagation, and hybrid symbolic AI rules.
How Snyk Code models control flow to catch race condition...
A mechanical look at how Snyk Code builds control flow and data flow graphs to trace paths that produce race conditions and null pointer dereferences.
How Snyk Code distinguishes sanitizers from insecure sour...
How Snyk Code's taint-tracking engine tells sanitizers apart from insecure sources and sinks, and where the source-sink-sanitizer model still needs human review.
Why Snyk Code's semantic approach produces fewer false po...
Snyk Code cuts SAST false positives using semantic analysis: AST/data-flow graphs plus ML trained on real code, not regex patterns. Here is how the mechanics work.