TypeScript Security Best Practices
How TypeScript's type system helps catch security bugs at compile time, and what it cannot protect you from.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
A step-by-step tutorial for turning on GitHub Dependency Review, enforcing license and severity policies, and getting fast feedback on every pull request.
PWAs blur the line between websites and applications. Their security model is browser-based, which introduces different risks than native applications.
Both scratch and distroless promise minimal attack surface. The right choice depends on your runtime, your debugging needs, and your tolerance for complexity.
Your incident response plan is untested until people have walked through it under pressure. Here is how to design and run tabletop exercises that actually prepare your team for supply chain compromises.
Deserialization vulnerabilities turn data into code execution. Here is how they work, which languages are most affected, and how to defend against them.
A heap buffer overflow in curl's SOCKS5 proxy handshake earned a severity rating of HIGH from curl's creator Daniel Stenberg, who called it the worst curl flaw in a long time.
CVE-2023-44487 exploits a design flaw in HTTP/2 to amplify DDoS attacks, enabling record-breaking attacks peaking at 398 million requests per second.
CNAPP promises unified cloud security. Here is what it actually delivers, where it falls short, and how to evaluate platforms honestly.