Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.


Articles

Open Source Security

Open Source Malware Detection Techniques for Package Registries

Malicious packages on npm, PyPI, and other registries are surging. Here are the techniques researchers and tools use to detect them.

May 20, 2023 · 6 min read

Secure Development

Swift Security Analysis Tools: The Current Landscape

Swift's type safety helps, but it does not eliminate all security bugs. Here is the current tooling landscape for finding vulnerabilities in Swift code.

May 20, 2023 · 5 min read

Open Source Security

Inside the Apache Foundation's Security Practices

The Apache Software Foundation oversees 350+ projects including some of the most widely deployed software on earth. Their security practices set the standard for foundation-governed open source.

May 20, 2023 · 7 min read

Cloud Security

Serverless Security: Supply Chain Risks in Lambda, Cloud Functions, and Azure Functions

Serverless architectures shift the attack surface from infrastructure to application dependencies. This guide covers the unique supply chain risks of serverless and how to address them.

May 18, 2023 · 7 min read

Regulatory Compliance

NIST SSDF v1.1: Practical Adoption Notes

NIST SP 800-218 became the de facto baseline for federal software attestation in 2023. Here is how to adopt SSDF v1.1 without drowning in paperwork.

May 15, 2023 · 5 min read

Application Security

Django Security and Supply Chain Guide

Securing Django applications with built-in security features, dependency management, and supply chain protections.

May 15, 2023 · 4 min read

Ransomware

Double Extortion Ransomware: How Data Theft Changed the Game

Double extortion transformed ransomware from a reversible nuisance into an irreversible data breach. The evolution from encryption-only to data theft fundamentally changed the threat model.

May 15, 2023 · 8 min read

Tools & Platforms

Google Assured Open Source Software: Curated Security for Enterprise Dependencies

Google's Assured OSS service provides enterprise-grade security guarantees for open source packages. It's a compelling model, but it raises questions about who controls the open source supply chain.

May 15, 2023 · 9 min read

Industry Trends

Low-Code/No-Code Platforms: The Shadow Supply Chain in Your Organization

Citizen developers are building applications on low-code platforms faster than security teams can assess them. The supply chain risks are real and growing.

May 15, 2023 · 5 min read

Blog | Safeguard — Software Supply Chain Security Insights