Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Southeast Asia's booming tech sector is building fast but securing slowly. Supply chain attacks targeting the region are increasing, and most organizations lack basic visibility into their dependencies.
Compare Trivy and Grype on vulnerability database sources, scan speed, OS coverage, SBOM integration, and CI ergonomics to pick the right open source container scanner.
Okta disclosed that attackers used stolen credentials to access its customer support system, downloading HAR files containing session tokens for multiple customers.
Most CISO board reports contain too many technical details and not enough business context. Here is a reporting template that communicates security posture in terms boards understand.
Five takeaways from the supply chain sessions at RSA Conference 2023, from SBOM adoption skepticism to attestation tooling and federal procurement pressure.
Embedded devices run for decades and rarely get patched. SBOMs bring transparency to firmware that the IoT industry desperately needs.
How Uber rebuilt its security program after the 2016 data breach and the 2022 Lapsus$ compromise, with hard-won lessons about security culture and supply chain controls.
A critical zero-day in Cisco IOS XE's web UI allowed unauthenticated attackers to create admin accounts and deploy implants on over 40,000 devices worldwide.
CVE-2023-20198 in Cisco IOS XE allowed unauthenticated attackers to create admin accounts on network devices. Over 40,000 devices were compromised before Cisco shipped a fix.
Weekly insights on software supply chain security, delivered to your inbox.