vulnerability-detection
Safeguard articles tagged "vulnerability-detection" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Regular Expression Denial of Service (ReDoS) explained
ReDoS turns a single crafted string into an exponential-time attack. Here's how catastrophic backtracking works, real CVEs, and how to detect it.
What is Fuzz Testing (Fuzzing)
Fuzz testing bombards software with malformed inputs to surface crashes and memory bugs. Here's how fuzzers work, what they've found, and where they fall short.
What is Taint Analysis
Taint analysis traces untrusted input from source to sink to catch injection flaws. Learn how it works, what it misses, and how reachability analysis fixes the noise.
How Snyk Code's semantic analysis engine builds a code mo...
A mechanical look at how Snyk Code's semantic analysis engine parses source into a code model, tracks data flow across files, and prioritizes vulnerability findings.
AI Code Review for Security: How Effective Is It Really?
AI-powered code review tools promise to catch vulnerabilities faster than humans. We tested the claims against reality.