Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Harrods became the third major UK retailer hit by cyber attacks in weeks, following M&S and Co-op. The pattern points to coordinated campaigns targeting retail.
A critical SSRF vulnerability in Commvault Command Center allowed unauthenticated attackers to achieve remote code execution on backup infrastructure. CISA added it to the KEV catalog.
Service-linked roles are the soft underbelly of AWS IAM. We catalogue the 2024-2025 abuse primitives and the detection queries that catch them.
Audio libraries parse complex binary formats in C code. They share the same vulnerability patterns as image and video codecs, with less security scrutiny.
Nova Scotia Power disclosed a cyber incident in April 2025 that compromised customer data. The attack highlights the persistent vulnerability of utility companies.
A critical file upload vulnerability in SAP NetWeaver Visual Composer was exploited to deploy web shells on enterprise SAP systems. The flaw required no authentication and scored 10.0 on CVSS.
The April 2025 ransomware attack on M&S disrupted online orders for weeks, wiped out hundreds of millions in market value, and exposed retail sector vulnerabilities.
The DevSecOps tooling landscape has exploded. From SAST to SCA to SBOM management, this guide compares the major categories and helps you build a coherent security toolchain.
A comprehensive walkthrough of the Safeguard.sh portal, covering every panel, metric, and workflow that security teams use daily to manage software supply chain risk.
Weekly insights on software supply chain security, delivered to your inbox.