secure-coding
Safeguard articles tagged "secure-coding" — guides, analysis, and best practices for software supply chain and application security.
129 articles
Preventing Command Injection in Go: Allowlists, Argument Safety, and Sandboxing
os/exec keeps the shell out of your way — but user-controlled binaries, flag injection, and PATH tricks still get Go services popped. Here's the prevention playbook, not just the theory.
PCI DSS 4.0 for developers: a practical secure-coding guide
PCI DSS 4.0 moved secure development from an annual review to a continuous engineering practice. Here's what Requirement 6 means for developers writing and shipping code.
C# Secure Coding Guide: Patterns That Prevent Real Bugs
A hands-on C# secure coding guide covering input validation, safe APIs, path traversal, injection, and the language-level patterns that keep vulnerabilities out of your code.
Cybersecurity Basics for Developers
You do not need to become a security specialist to write secure code, but a working grasp of a few core ideas prevents most common mistakes. Here are the fundamentals every developer should carry into daily work.
.NET Security Best Practices for 2026
A practical .NET security playbook covering dependency risk, deserialization, secrets, cryptography, and CI/CD hardening, with the config flags and CVEs that make each control real.
Java Security Best Practices: A Lifecycle Approach for 2026
A practical, lifecycle-based guide to Java security in 2026 — covering input handling, cryptography, dependencies, and runtime hardening with real code.
Securing AI-Generated Code: A Practical 2026 Guide
AI now writes a large share of the code shipping to production, and it reproduces the same insecure patterns humans do — at machine speed. Here is how to keep AI-authored code from becoming your next incident.
Implementing the OWASP Top 10 Proactive Controls
A field guide to the OWASP Top 10 Proactive Controls: what each control requires, real breach examples like Equifax, and how to implement them in CI/CD.
SQL injection cheat sheet: 8 best practices to prevent it
SQL injection still breaches Fortune 500s in 2026. Here are 8 concrete practices — from parameterized queries to reachability analysis — that actually stop it.
Regular Expression Denial of Service (ReDoS) explained
ReDoS turns a single crafted string into an exponential-time attack. Here's how catastrophic backtracking works, real CVEs, and how to detect it.
Preventing path traversal (directory traversal) attacks
Path traversal lets attackers read or write files outside a web app's directory using ../ sequences. Here's how it works and how to stop it.
Preventing open redirect vulnerabilities
Open redirect flaws turn trusted domains into phishing and OAuth-token-theft infrastructure. Here's how they work, how to find them, and how to fix them for good.