Safeguard
Tag

sast

Safeguard articles tagged "sast" — guides, analysis, and best practices for software supply chain and application security.

267 articles

AppSec

Application Security Vulnerability Management: A Working Workflow

A concrete workflow for application security vulnerability management, from scan to fix to verified close, that survives contact with a real release calendar.

Jun 11, 20255 min read
SecOps

False Positives in Cyber Security: Why They Happen and How to Cut Them

A scanner that cries wolf gets ignored. Here's why false positives pile up in security tooling and the concrete changes that actually reduce them.

Jun 11, 20255 min read
DevSecOps

Security Testing in the Software Development Lifecycle

Security testing for software development only works when it's distributed across the SDLC, not bolted on as a single pre-release gate — here's where each test type actually belongs.

Jun 9, 20255 min read
Comparisons

What Is Checkmarx? A Plain-English Overview

Checkmarx is one of the oldest names in static analysis, built for large enterprises with dedicated security teams. Here's what it actually does and how it stacks up.

May 27, 20254 min read
AppSec

Code Injection in Python: How It Happens and How to Prevent It

Code injection python vulnerabilities almost always trace back to eval, exec, or a template engine handed untrusted input; here is how the attack works and how to close it off.

May 14, 20256 min read
AppSec

Static Code Analysis in Cyber Security: What It Actually Does

Static code analysis in cyber security means scanning source code without running it to catch injection flaws, hardcoded secrets, and unsafe patterns before they ship — here's what it catches and what it misses.

May 14, 20255 min read
DevSecOps

DevSecOps Tools Comparison 2025: Choosing the Right Stack

The DevSecOps tooling landscape has exploded. From SAST to SCA to SBOM management, this guide compares the major categories and helps you build a coherent security toolchain.

Apr 20, 20256 min read
AppSec

Secure Code Review: A Practical Checklist

Secure code reviews catch a different category of bug than functional code review, and having a repeatable checklist keeps reviewers from relying on memory for the same handful of recurring flaws.

Apr 9, 20255 min read
AppSec

Mobile Security Testing for iOS and Android Apps

Mobile apps fail in ways web apps don't — insecure local storage, weak certificate pinning, reverse-engineerable binaries — and testing them requires methods most web-focused AppSec programs never built.

Apr 9, 20256 min read
AppSec

SAST, DAST, and IAST: The Three Application Testing Types

SAST DAST IAST are three distinct testing approaches that catch different bug classes at different stages — here's how each actually works and when to run which.

Apr 2, 20255 min read
AppSec

Use-After-Free Vulnerabilities: How They're Exploited

A use-after-free exploit turns a dangling pointer into arbitrary code execution — here's how the bug class works, why it still dominates browser and kernel CVEs, and how to catch it before release.

Mar 18, 20256 min read
Vulnerabilities

XXE Attack Walkthroughs: What a Good Demo Actually Shows

Most XXE video walkthroughs stop at proof-of-concept file reads — here's what a genuinely useful one covers, plus the Java fix that actually closes the hole.

Mar 18, 20255 min read
sast (Page 20) — Safeguard Blog