Safeguard
Tag

sast

Safeguard articles tagged "sast" — guides, analysis, and best practices for software supply chain and application security.

267 articles

AppSec

Source Code Security Scanning Programs That Scale

A source code security scanning program that works for 20 repos usually breaks at 200 — here's how to design one that scales with the number of teams, not just the number of scans.

Aug 19, 20256 min read
Industry Analysis

How Snyk approaches securing AI-generated code from codin...

A technical look at how Snyk's DeepCode AI engine, Agent Fix, and Snyk Studio MCP server scan and govern code from AI coding assistants like Claude Code and Cursor.

Aug 19, 20258 min read
Product

How Snyk's JetBrains plugin family supports IntelliJ, PyC...

A mechanical look at how Snyk ships one JetBrains plugin across IntelliJ, PyCharm, WebStorm, GoLand, and Rider using a shared platform and backend scan engine.

Aug 18, 20256 min read
Open Source Security

How Snyk's Eclipse plugin integrates open source and code...

A mechanical look at how Snyk's Eclipse plugin surfaces open source and code scan findings as native markers in the IDE's Problems view.

Aug 18, 20257 min read
Product

How the Snyk CLI generates SARIF output for GitHub code s...

A technical walkthrough of how the Snyk CLI serializes scan results into SARIF 2.1.0 and how GitHub code scanning ingests them into Security tab alerts.

Aug 16, 20257 min read
Open Source Security

The Hidden Risk of Copy-Pasted Code Snippets from Forums ...

Copy-pasted code from Stack Overflow and AI chats often ships with hidden vulnerabilities. Here's the data behind the risk, real breaches it caused, and how to catch it.

Aug 10, 20258 min read
AI Security

Model Training Data and the Propagation of Insecure Codin...

LLM coding assistants inherit insecure patterns from their training data — from SQLi-prone snippets to hallucinated packages attackers exploit. Here's how the risk propagates.

Aug 7, 20258 min read
AppSec

Static vs Dynamic Code Analysis: The Real Tradeoffs

Static analysis reads code without running it; dynamic analysis watches an application behave — the real question isn't which is better, it's which gap each one leaves open.

Jul 30, 20256 min read
Open Source Security

The Quiet Consolidation of SCA, SAST, and Container Scann...

A wave of PE buyouts and platform acquisitions is quietly folding SCA, SAST, and container scanning into fewer, bigger AppSec platforms. Here's what's driving it.

Jul 15, 20258 min read
AppSec

Application Vulnerability Assessment: Scope, Method, and Reporting

Most assessment reports die unread because scope was fuzzy and findings were not verified. A working method for assessments that end in shipped fixes.

Jun 24, 20255 min read
AppSec

Code Scanning Tools: SAST, Secrets, and Linters Compared

SAST tools, secret scanners, and linters all read your source code but catch entirely different classes of problems — here's how to tell them apart and stack them correctly.

Jun 24, 20255 min read
AppSec

Application Security Testing Tools: SAST, DAST, IAST, and SCA Compared

Four scanner families see four different slices of your risk. What SAST, DAST, IAST, and SCA each catch and miss, and how to sequence them in CI without drowning developers.

Jun 24, 20256 min read
sast (Page 19) — Safeguard Blog