testing
Safeguard articles tagged "testing" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Mocking APIs for secure testing: MSW and json-server for error and auth flows
MSW intercepts requests at the network layer; json-server spins up a fake REST API in one command. Neither should ever touch a real backend or real credentials.
IAST vs SAST in 2026: When to Use Which
A practical guide to when IAST adds value over SAST in 2026, with the workload characteristics that justify the operational cost of runtime instrumentation.
IAST vs DAST Decision Guide 2026
When to choose IAST, when to choose DAST, and when to run both. A decision framework for 2026 with concrete coverage, cost, and integration tradeoffs.
AI-Generated SBOMs: How Accurate Are They?
LLMs can now generate SBOMs from source code and documentation. We tested five AI SBOM generators against traditional tools to measure accuracy, completeness, and reliability.
How to Test Your Signing Pipeline End to End
Build a repeatable end-to-end test harness for your signing pipeline that proves artifacts are signed correctly and that verification fails when tampered.