Palo Alto GlobalProtect Zero-Day: Response Timeline
CVE-2024-3400 hit GlobalProtect with pre-auth RCE and ongoing exploitation. Here is the response timeline, the UPSTYLE tradecraft, and what worked.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
PyPI's flat global namespace is one of Python packaging's oldest design decisions. How it's governed today, where the tension points are, and what the PEP 752 debate means for the future.
A look at how RubyGems.org rolled out mandatory 2FA for high-traffic gem maintainers, what it has caught, and what gaps still remain in the account-compromise defense story.
Rekor is the transparency log behind Sigstore, and understanding its operational model matters more than most teams realise. Here is how we run against it in production.
Black Basta evolved from a Conti offshoot into one of the most technically advanced ransomware operations, using novel initial access methods and sophisticated evasion techniques.
Insurers manage massive amounts of sensitive data through complex software systems. Here's how the insurance industry should approach software supply chain risk.
The UK's PSTI Act bans default passwords and mandates vulnerability disclosure. Here's what it means for software embedded in connected products.
Your CI/CD pipeline is a high-value target. Here's how to pen test build systems, artifact repositories, and deployment workflows for supply chain vulnerabilities.
The supply-chain risks unique to GCP Cloud Functions: dependency resolution at deploy time, buildpack trust, runtime identity, and the audit trail the service does and does not give you.