Safeguard
Tag

secure-coding

Safeguard articles tagged "secure-coding" — guides, analysis, and best practices for software supply chain and application security.

129 articles

Security Guides

Preventing Command Injection in Go: Allowlists, Argument Safety, and Sandboxing

os/exec keeps the shell out of your way — but user-controlled binaries, flag injection, and PATH tricks still get Go services popped. Here's the prevention playbook, not just the theory.

Jul 2, 20266 min read
Compliance

PCI DSS 4.0 for developers: a practical secure-coding guide

PCI DSS 4.0 moved secure development from an annual review to a continuous engineering practice. Here's what Requirement 6 means for developers writing and shipping code.

Jul 2, 20265 min read
Security Guides

C# Secure Coding Guide: Patterns That Prevent Real Bugs

A hands-on C# secure coding guide covering input validation, safe APIs, path traversal, injection, and the language-level patterns that keep vulnerabilities out of your code.

Jul 1, 20266 min read
Concepts

Cybersecurity Basics for Developers

You do not need to become a security specialist to write secure code, but a working grasp of a few core ideas prevents most common mistakes. Here are the fundamentals every developer should carry into daily work.

Jul 1, 20266 min read
Security Guides

.NET Security Best Practices for 2026

A practical .NET security playbook covering dependency risk, deserialization, secrets, cryptography, and CI/CD hardening, with the config flags and CVEs that make each control real.

Jul 1, 20267 min read
Security Guides

Java Security Best Practices: A Lifecycle Approach for 2026

A practical, lifecycle-based guide to Java security in 2026 — covering input handling, cryptography, dependencies, and runtime hardening with real code.

Jul 1, 20266 min read
AI Security

Securing AI-Generated Code: A Practical 2026 Guide

AI now writes a large share of the code shipping to production, and it reproduces the same insecure patterns humans do — at machine speed. Here is how to keep AI-authored code from becoming your next incident.

Jul 1, 20266 min read
Application Security

Implementing the OWASP Top 10 Proactive Controls

A field guide to the OWASP Top 10 Proactive Controls: what each control requires, real breach examples like Equifax, and how to implement them in CI/CD.

Jun 4, 20267 min read
Application Security

SQL injection cheat sheet: 8 best practices to prevent it

SQL injection still breaches Fortune 500s in 2026. Here are 8 concrete practices — from parameterized queries to reachability analysis — that actually stop it.

May 31, 20267 min read
Application Security

Regular Expression Denial of Service (ReDoS) explained

ReDoS turns a single crafted string into an exponential-time attack. Here's how catastrophic backtracking works, real CVEs, and how to detect it.

May 29, 20265 min read
Application Security

Preventing path traversal (directory traversal) attacks

Path traversal lets attackers read or write files outside a web app's directory using ../ sequences. Here's how it works and how to stop it.

May 29, 20267 min read
Application Security

Preventing open redirect vulnerabilities

Open redirect flaws turn trusted domains into phishing and OAuth-token-theft infrastructure. Here's how they work, how to find them, and how to fix them for good.

May 28, 20267 min read
secure-coding (Page 4) — Safeguard Blog