Best Practices
In-depth guides and analysis on best practices from the Safeguard engineering team.
252 articles
Vendor Incident Coordination In The 72-Hour Window
Most vendor incidents go badly because the first 72 hours are spent figuring out who to call. A pre-built coordination playbook turns chaos into a rehearsed response.
Buyer Guide: Software Supply Chain Security 2026
A senior-engineer buyer guide for software supply chain security in 2026: what the categories mean, what to test, and what to ignore in vendor pitches.
Oncall Rotation Design For Modern SecOps
Oncall rotations break for SecOps because the work is asynchronous and the alerts are noisy. Here is a rotation design that respects both, with the tooling to back it up.
Break-Glass Workflow Design: Audited Bypass That Works
Every policy needs a bypass path or it will be routed around. The trick is making the bypass auditable, time-bound, and rare enough to remain meaningful.
Best Secret Scanning Tools 2026 Comparison
A senior-engineer view of secret-scanning tools worth running in 2026: what TruffleHog, Gitleaks, GitGuardian, and platform-native scanners actually do well.
Finding Forgotten Public npm Packages In Your Org
Public npm packages your org published years ago are now an attacker's best targets. Find them before someone else does.
TPRM Vendor Tiering By Blast Radius Not Spend
Most TPRM programs tier vendors by spend. That misses the vendors who are cheap but catastrophic when they fail. Tiering by blast radius is the fix.
Purple Team Exercises With Supply Chain Focus
Most purple team exercises stop at the perimeter. A supply-chain-focused exercise probes the dependency graph, the build pipeline, and the trust assumptions in your SBOM.
Incident Response for Supply Chain Attacks: A 2026 Playbook
A practical incident response playbook tailored for supply chain compromises — from initial detection through containment, eradication, and lessons learned.
Runtime Drift Detection For Supply Chain Controls
An admitted workload is not a static one. Runtime drift detection turns the SBOM into a living contract and surfaces supply chain changes before they become incidents.
Flowing Down CMMC And CRA Clauses To Vendors
CMMC 2.0 and the EU Cyber Resilience Act both require obligations to flow down through your supply chain. Here is how to write the clauses and verify the compliance.
Unifying Software And AI Assets In One Graph
Two parallel inventories for software and AI assets do not survive contact with reality. A unified graph is what makes governance feasible.