Safeguard
Tag

web-security

Safeguard articles tagged "web-security" — guides, analysis, and best practices for software supply chain and application security.

90 articles

Cloud Security

SSRF Exploitation in Cloud Environments

Server-Side Request Forgery is especially dangerous in cloud environments where metadata services expose credentials and configuration. This guide covers SSRF exploitation techniques and defenses specific to AWS, GCP, and Azure.

Sep 5, 20227 min read
Infrastructure Security

CDN Supply Chain Security Risks You Should Know

Content delivery networks serve billions of software assets daily. When a CDN is compromised, the blast radius is enormous. Here's what CDN supply chain risks look like and how to defend against them.

Jul 8, 20226 min read
Web Security

Security Headers Implementation Checklist: Hardening Your Web Application

HTTP security headers are your first line of defense against XSS, clickjacking, and data injection attacks. Here is a practical implementation checklist with correct configurations.

Jun 5, 20225 min read
Application Security

Broken Access Control: The Number One Web Vulnerability and How to Fix It

Access control moved to the top of the OWASP Top 10 in 2021. Here is why it is so hard to get right and what a solid authorization architecture looks like.

May 25, 20226 min read
Web Security

File Upload Vulnerability Prevention: A Practical Guide

File upload functionality is one of the most dangerous features in web applications. This guide covers the attack vectors, bypass techniques, and layered defenses needed to handle file uploads securely.

May 5, 20227 min read
Secure Development

TypeScript Strict Mode Security Benefits: More Than Just Type Safety

TypeScript's strict mode catches entire categories of bugs at compile time. Some of those bugs have direct security implications.

Jan 12, 20225 min read
web-security (Page 8) — Safeguard Blog