Compliance
In-depth guides and analysis on compliance from the Safeguard engineering team.
254 articles
Canada's Cybersecurity Strategy and the Push for SBOM Adoption
Canada is integrating software supply chain security into its national cyber strategy. Here's where SBOMs fit in and what's coming next.
Japan's Approach to Cybersecurity and Software Supply Chain Security
Japan is rapidly building cybersecurity policy around software supply chain risk. Here's what the regulatory landscape looks like and where it's headed.
ITAR and EAR Export Controls: What Software Teams Need to Know
Export control regulations affect software development more than most teams realize. Here's how ITAR and EAR intersect with software supply chains.
SWIFT CSCF: Software Security Requirements for Financial Messaging
SWIFT's Customer Security Controls Framework sets mandatory security baselines for financial institutions. Here's the software supply chain angle.
HIPAA and Software Supply Chain Compliance for Health Tech
HIPAA's Security Rule requires safeguards that extend to software dependencies. Here's what health tech developers and vendors need to address.
FISMA and Federal Software Security: Supply Chain Requirements Explained
FISMA's authorization framework creates strict requirements for software in federal systems. Here's how supply chain security fits into the ATO process.
Australia's Critical Infrastructure Security Act and Software Supply Chain Risk
Australia's SOCI Act imposes strict cybersecurity obligations on critical infrastructure. Here's what software suppliers need to understand.
CCPA/CPRA and Software Security: What Developers Must Know
California's privacy laws impose security obligations on software that handles consumer data. Here's how CCPA and CPRA intersect with supply chain risk.
GLBA and Financial Software Security: Safeguards Rule Deep Dive
The GLBA Safeguards Rule now requires specific cybersecurity controls for financial institutions. Here's how it affects software supply chains.
GDPR and Software Supply Chain Obligations You Can't Ignore
GDPR's security requirements extend deep into software supply chains. Here's where data protection law meets dependency management.
SOX Compliance in Software Development: The Supply Chain Angle
Sarbanes-Oxley requirements for internal controls extend into software development and supply chain integrity. Here's the connection most teams miss.
Software Transparency and the EU Cyber Resilience Act
The EU Cyber Resilience Act is rewriting the rules for software sold in Europe. Mandatory vulnerability handling, SBOM requirements, and security-by-design obligations are coming for every vendor.