Container Escape Techniques in 2023: What's Changed and What Hasn't
Container escapes remain a real threat in multi-tenant environments. A look at the latest techniques, CVEs, and defenses as container security matures in 2023.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Deno requires explicit permission grants for file, network, and environment access. This capability-based model changes the supply chain risk equation.
Dependency hijacking encompasses multiple attack techniques that redirect dependency resolution to attacker-controlled packages. This guide covers all major hijacking vectors and their countermeasures.
Security considerations for Pulumi and Crossplane as infrastructure-as-code alternatives, including unique risks and hardening strategies.
React Native introduces unique security challenges at the intersection of JavaScript and native mobile code. Understanding these risks is essential for securing cross-platform mobile applications.
When a Ruby gem is yanked from RubyGems.org, it creates security risks for projects that depended on it. Understanding the yanking mechanism is critical for Ruby supply chain security.
APIs are now the primary attack surface for most applications. Here is how to test for the OWASP API Security Top 10 risks systematically.
How Cloudflare secures the software supply chain for infrastructure that sits between the internet and millions of websites, with lessons on Rust adoption and edge computing security.
An overview of Wiz's cloud security platform, covering its agentless architecture, graph-based risk analysis, and how it changed expectations for cloud security tooling.