Safeguard
Topic

Concepts

In-depth guides and analysis on concepts from the Safeguard engineering team.

116 articles

Concepts

Secure Defaults, Explained

Secure defaults mean the out-of-the-box configuration is the safe one, and weakening it requires a deliberate opt-in. Here's why the default state decides most real-world security outcomes.

Jul 4, 20267 min read
Concepts

Symmetric vs Asymmetric Encryption: What's the Difference?

Symmetric encryption uses one shared key for both locking and unlocking. Asymmetric encryption uses a key pair, one public and one private. One is fast; the other solves the key-sharing problem.

Jul 4, 20266 min read
Concepts

What Is a Security Patch

A security patch is a small update that fixes a specific flaw in software. Here is what patches are, why applying them quickly matters, and how teams manage them.

Jul 4, 20266 min read
Concepts

What Is an Artifact Attestation?

An artifact attestation is a signed, machine-readable claim about a software artifact, bound to it by digest. Here's how the in-toto structure works and what kinds of claims it carries.

Jul 4, 20266 min read
Concepts

What Is a Secure SDLC (Secure Software Development Lifecycle)?

A Secure SDLC embeds security activities into every phase of software development — from planning to production — instead of bolting a security review on at the end. Here's what each phase looks like and how to build one.

Jul 4, 20266 min read
Concepts

What Is the AGPL License? The Network Copyleft, Explained

The GNU Affero GPL closes the SaaS loophole: it extends copyleft to software used over a network. Here is what AGPLv3 requires, why companies treat it cautiously, and what it means for you.

Jul 4, 20266 min read
Concepts

Encryption vs Hashing: What's the Difference?

Encryption scrambles data so it can be unscrambled later with a key. Hashing turns data into a fixed fingerprint that can never be reversed. One protects secrets; the other verifies them.

Jul 3, 20266 min read
Concepts

Understanding SBOM Formats

A software bill of materials is only useful if tools can read it. Two standards dominate — SPDX and CycloneDX — and knowing what each captures, how they differ, and when to use which is the difference between an inventory that works and one that gathers dust.

Jul 3, 20266 min read
Concepts

What Is a Software Dependency

A software dependency is outside code your program relies on to run. Here is what dependencies are, why modern apps have so many, and why they matter for security.

Jul 3, 20266 min read
Concepts

What Is Open Source License Compliance?

Open source license compliance is the practice of tracking every open source component you use and honoring the legal obligations of its license. Get it wrong and you risk lawsuits, forced code disclosure, or a blocked acquisition.

Jul 3, 20266 min read
Concepts

What Is Software Provenance?

Software provenance is the verifiable record of where an artifact came from and how it was built. Here's what a provenance record contains, how it is proven, and why it stops build-time tampering.

Jul 3, 20266 min read
Concepts

What Is the Mozilla Public License (MPL 2.0)?

The Mozilla Public License 2.0 is a file-level copyleft license that sits between permissive and strong copyleft. Here is how its per-file reciprocity works and what it means for your project.

Jul 3, 20266 min read
Concepts (Page 3) — Supply Chain Security Blog | Safeguard