Database Platform Migration: Supply Chain
Database migrations touch every part of the software supply chain. This guide covers how to keep schemas, secrets, and data lineage secure during a platform change.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Compare GitGuardian and TruffleHog on detector coverage, validation, historical scans, developer workflow, and pricing to pick the right secret scanning tool.
A tour through the attestations, self-certifications, and supply chain obligations that now shape how governments buy software.
Typosquatting remains a steady drumbeat on PyPI. What detection actually looks like when you're trying to catch it at ecosystem scale, and where the interesting edges are.
Service meshes promise layered policy. The promise is real, but the layers only help if you use them, and most deployments use one.
A detailed walk through the two LastPass breaches of 2022 and their long 2023 tail, reconstructing how a developer laptop became a vault disclosure.
Vulnerability intelligence platforms aggregate, enrich, and prioritize vulnerability data. This comparison examines how leading platforms handle supply chain-specific intelligence needs.
INC Ransom has made healthcare a primary target, exploiting the sector's unique vulnerabilities and urgency. A deep dive into their operations and what healthcare security teams should prioritize.
Generate and validate SLSA v1.0 provenance attestations in GitHub Actions using slsa-verifier, gate releases on builder identity, and prove build integrity.