Safeguard
Tag

sast

Safeguard articles tagged "sast" — guides, analysis, and best practices for software supply chain and application security.

267 articles

DevSecOps

GitHub Advanced Security vs Alternatives, Early 2024

GitHub Advanced Security anchors many AppSec programs in 2024, but Snyk, Semgrep, Endor, and others are credible alternatives. Here is an honest comparison.

Mar 25, 20246 min read
Tool Comparisons

Semgrep vs CodeQL: Static Analysis for Security Teams

A deep comparison of Semgrep and CodeQL for static application security testing, covering rule writing, performance, language support, and practical deployment considerations.

Feb 18, 20246 min read
Concepts

What is IAST

IAST instruments a running application from the inside to find vulnerabilities with very low false positives. Here's how it works and how it compares to SAST and DAST.

Feb 14, 20247 min read
Security Concepts

CWE Full Form: What It Actually Stands For

CWE stands for Common Weakness Enumeration — a community-maintained taxonomy of software and hardware weakness types that CVEs, SAST tools, and OWASP guidance all reference back to.

Feb 8, 20245 min read
Concepts

What is Security Testing

Security testing is how teams find exploitable weaknesses before attackers do. Here's the main types — SAST, DAST, IAST, SCA, fuzzing, pentesting — and how they fit together.

Jan 11, 20247 min read
AI Security

AI Code Review for Security: How Effective Is It Really?

AI-powered code review tools promise to catch vulnerabilities faster than humans. We tested the claims against reality.

Jan 5, 20246 min read
Tool Reviews

SonarQube Security Scanning: Code Quality Meets Application Security

A review of SonarQube's security scanning capabilities, examining how its code quality heritage shapes its approach to vulnerability detection and taint analysis.

Nov 15, 20235 min read
Tool Reviews

Checkmarx SCA: Application Security from a SAST Pioneer

A review of Checkmarx SCA covering its integration with the broader Checkmarx AST platform, vulnerability detection, and exploitability analysis capabilities.

Sep 28, 20235 min read
DevSecOps

Kotlin detekt Security Rules: Catching Vulnerabilities in Kotlin Code

detekt is Kotlin's primary static analysis tool. Its security-relevant rules catch patterns that lead to vulnerabilities in Android and server-side Kotlin.

Jul 28, 20235 min read
DevSecOps

GitLab CI Security Scanning Setup

Step-by-step guide to enabling SAST, DAST, dependency scanning, and container scanning in GitLab CI pipelines.

Mar 22, 20236 min read
DevSecOps

Ruby Brakeman Security Scanner: Rails-Aware Vulnerability Detection

Brakeman understands Rails conventions and catches security issues that generic scanners miss. Here is how to use it effectively.

Mar 15, 20235 min read
Tool Reviews

GitLab Ultimate Security Features: Built-In Security Done Pragmatically

A review of GitLab Ultimate's security scanning features covering SAST, DAST, dependency scanning, container scanning, and how integrated security compares to best-of-breed tools.

Feb 28, 20235 min read
sast (Page 22) — Safeguard Blog