Best Practices
In-depth guides and analysis on best practices from the Safeguard engineering team.
252 articles
What is MITRE ATT&CK
MITRE ATT&CK catalogs real attacker behavior into 14 tactics and 200+ techniques. Here's how it works, how it differs from CVE/CWE, and how to use it.
What is a Kill Chain
What is a cyber kill chain? A staged breakdown of how attacks unfold, from Lockheed Martin's 7 stages to why supply chain attacks break the model.
Renovate Bot Configuration Recipes for 2026
Renovate is the more powerful dependency-update bot, and its config surface is large. Here are the recipes worth knowing and the defaults worth overriding.
How to implement network segmentation in a data center
A step-by-step guide to network segmentation best practices in the data center: mapping traffic, VLANs, microsegmentation, least-privilege rules, and verification.
FAQ: Building an AppSec Program From Scratch
How to stand up an application security program from zero in 2026 — headcount, tooling, first 90 days, metrics, and the traps that waste the first year.
Hiring Software Supply Chain Security Engineers
What to screen for, how to structure interviews, and the signals that distinguish real supply chain security engineers from adjacent AppSec talent in 2026.
What is Threat Detection
Threat detection means spotting active attacks before they succeed. See real dwell-time data, CVE examples, and detection metrics that matter.
How to implement password policy best practices
A step-by-step guide to implement password policy best practices: aligning with NIST guidelines, dropping outdated complexity rules, and rolling out passwordless authentication.
What is a Vulnerability Disclosure Program
What a vulnerability disclosure program actually is, how it differs from a bug bounty, and what CISA, ISO, and the EU CRA now require of it.
FAQ: CycloneDX vs SPDX — Which to Use?
Practical answers to the most common CycloneDX vs SPDX questions: differences, tooling, regulatory preference, VEX support, and when to emit both.
Dependabot Security Update Policies for 2026
A pragmatic guide to configuring Dependabot for security updates: which knobs matter, which defaults are wrong, and how to avoid drowning teams in PRs.
What is a Trust Boundary
A trust boundary is where data crosses into a higher-privilege context and must be verified. Learn where they hide and how breaches like Log4Shell exploited them.