waf
Safeguard articles tagged "waf" — guides, analysis, and best practices for software supply chain and application security.
8 articles
Runtime Application Security Protection (RASP), Explained
Runtime application security protection instruments your app from the inside so it can block attacks in production, not just flag them in a report.
CVE-2025-64446 in Fortinet FortiWeb: Patch Posture & SBOM Response
FortiWeb path traversal + RCE scored CVSS 9.1 and entered CISA KEV after months of targeted exploitation. Defender playbook for the WAF emergency.
Preventing SQL Injection: A Defense-in-Depth Approach
Parameterized queries stop most SQL injection, but the attacks that make it to production usually slip past a single control — here's the layered defense that catches the rest.
SQL Injection Prevention Techniques That Actually Work
SQL injection prevention comes down to one non-negotiable technique — parameterized queries — plus a short list of layered defenses that catch what a single control misses.
What is RASP
RASP runs inside an application and blocks attacks in real time, from the inside out. Here's how it works, how it differs from a WAF, and where it fits.
WAF Bypass Techniques and What They Mean for Supply Chain Security
Web Application Firewalls are a critical defense layer, but they are routinely bypassed. Understanding bypass techniques helps you build defense in depth rather than relying on a single control.
Runtime Application Self-Protection (RASP): A Practical Guide
RASP embeds security directly into the application runtime, detecting and blocking attacks from inside the app. It's powerful, controversial, and misunderstood. Here's what actually works.
WAF Rule Writing Best Practices: From Alert Fatigue to Actionable Protection
Most WAF deployments drown in false positives because the rules were never tuned. Here is how to write rules that protect without blocking legitimate traffic.