Safeguard
Tag

security-testing

Safeguard articles tagged "security-testing" — guides, analysis, and best practices for software supply chain and application security.

18 articles

Concepts

What is Security Testing

Security testing is how teams find exploitable weaknesses before attackers do. Here's the main types — SAST, DAST, IAST, SCA, fuzzing, pentesting — and how they fit together.

Jan 11, 20247 min read
How-To Guide

Automated Security Testing in CI/CD Pipelines

A hands-on guide to embedding SAST, SCA, secret scanning, and container analysis into your CI/CD pipeline without making builds unbearably slow.

Jul 22, 20236 min read
Application Security

Property-Based Testing for Security: Defining Invariants That Must Never Break

Property-based testing defines invariants about program behavior and generates thousands of test cases automatically. For security code, the right properties can catch vulnerabilities that example-based tests miss.

Dec 5, 20225 min read
Application Security

Mutation Testing for Security Validation: Testing Your Tests

Mutation testing measures whether your security tests actually catch bugs by introducing small changes to code and checking if tests fail. Here is how to apply it to security-critical code.

Aug 5, 20225 min read
DevSecOps

Ephemeral Environments for Security Testing: A Modern Approach

Ephemeral environments — short-lived, on-demand copies of your application stack — are transforming how teams approach security testing. No more fighting over shared staging environments.

Apr 25, 20225 min read
Application Security

Fuzz Testing Supply Chain Components: Finding Bugs Before Attackers Do

Fuzz testing discovers crashes, memory corruption, and logic errors by feeding random inputs to software. Applied to supply chain components, it reveals vulnerabilities that code review and static analysis miss.

Apr 5, 20225 min read
security-testing (Page 2) — Safeguard Blog