Safeguard
Tag

sast

Safeguard articles tagged "sast" — guides, analysis, and best practices for software supply chain and application security.

267 articles

Application Security

What is Static Application Security Testing (SAST)

SAST scans source code for flaws before deployment. Learn how it works, where Checkmarx-style tools fall short on supply chain risk, and how Safeguard closes the gap.

Jun 23, 20268 min read
Application Security

Static Analysis Tools compared

Veracode built its name on SAST, DAST, and SCA for application code. Safeguard focuses static analysis on the software supply chain. Here's how the two actually differ.

Jun 22, 20267 min read
AI Security

What is AI Code Remediation?

AI code remediation turns vulnerability findings into ready-to-merge patches. Here's how it works, where Veracode's approach falls short, and how Safeguard closes the gap.

Jun 21, 20267 min read
Application Security

Vulnerability Scanner Tools: how they work

A breakdown of how SAST, DAST, SCA, and container vulnerability scanner tools actually work, where Veracode fits, and why false positives remain the industry's biggest problem.

Jun 20, 20267 min read
AI Security

5 best practices for adopting GitHub Copilot securely

GitHub Copilot has 1.3M+ paid seats. Five concrete, evidence-based practices for locking down content exclusion, licensing, code quality, and prompt injection risk.

Jun 12, 20267 min read
AI Security

Type-level security: the future of secure AI code generation

45% of AI-generated code fails basic security tests. Here's why type systems catch what code review misses, and how to enforce type-level security on AI-authored diffs.

Jun 8, 20268 min read
AI Security

Snyk VulnBench: benchmarking LLMs on repeat vulnerability discovery

Snyk's VulnBench JS 1.0 ran 300 repeated LLM scans and found half of non-reference findings vanish on rerun—raising the bar for AI security tooling.

Jun 7, 20267 min read
Application Security

What is SAST? Static Application Security Testing explained

SAST scans source code for vulnerabilities before deployment. Learn how it works, where it fits vs. DAST/SCA, its false-positive limits, and 2026 tooling.

Jun 4, 20267 min read
Application Security

SAST vs DAST vs SCA: choosing the right tool

SAST, DAST, and SCA each answer a different security question — here's what each catches, when to run them, and how to prioritize the flood of findings.

Jun 3, 20267 min read
Application Security

Top SAST solutions compared for 2026

Comparing Safeguard and Mend.io on SAST scope, CI/CD fit, and compliance coverage—what's verifiable, what to test yourself, and how a unified platform changes the tradeoffs.

May 26, 20268 min read
Application Security

Command injection in Python: examples and prevention

Python command injection lets attackers run arbitrary OS commands via os.system() or subprocess. Learn how it works, a real CVE, and how to prevent it.

May 22, 20266 min read
Application Security

Code injection in Python: examples and prevention

How Python code injection (CWE-94) works, real CVEs like PyYAML's CVE-2020-14343, and concrete steps to detect and fix it before attackers do.

May 21, 20267 min read
sast (Page 9) — Safeguard Blog