Safeguard
Topic

DevSecOps

In-depth guides and analysis on devsecops from the Safeguard engineering team.

378 articles

DevSecOps

WebAssembly WASI Security Model in 2025

A technical look at WASI Preview 2, the component model, and capability-based isolation for running untrusted code inside supply chain tooling.

Nov 5, 20255 min read
DevSecOps

Best secure software development lifecycle (SSDLC) platforms

A practical buyer's guide to SSDLC platforms in 2026 — evaluation criteria, an honest roundup of six real vendors, and where Safeguard fits in.

Nov 4, 20257 min read
DevSecOps

Security in the SDLC: Where It Actually Belongs

Bolting a scanner on before release doesn't count as shift-left. Here's where security actually needs to sit across the SDLC, and why mobile testing is often the weakest link.

Nov 3, 20255 min read
DevSecOps

The Security Development Lifecycle (SDL): A Working Guide

The SDL turned security from a pre-release audit into a discipline applied at every phase of building software. What the lifecycle actually contains, where it came from, and how to run it without a Microsoft-sized team.

Oct 14, 20256 min read
DevSecOps

OWASP Secure Coding Practices: A Working Checklist

OWASP secure coding practices boil down to a handful of checks that catch most real-world vulnerabilities — here's the checklist teams actually use, not the full 200-item reference.

Sep 18, 20255 min read
DevSecOps

Shift-Left Security Testing in Practice

Shift-left security testing means catching vulnerabilities at commit time instead of at deployment — here's what that actually looks like on a working pipeline, not just the slogan.

Sep 17, 20255 min read
DevSecOps

What Is a DevOps Pipeline? Stages, Tools, and Security Gates

A DevOps pipeline is the automated path code takes from commit to production. Here are the stages every pipeline shares, the tools teams actually use, and where security gates belong.

Sep 17, 20255 min read
DevSecOps

DevOps Maturity Models, Explained

What a devops maturity model actually measures, why devops mttr alone is a weak proxy for maturity, and how teams can measure whether devops delivery value is improving.

Aug 21, 20255 min read
DevSecOps

How to Add Reachability Analysis to PR Checks

Run reachability analysis on every pull request to slash vulnerability false positives by 70%+, gate merges on exploitable findings, and keep devs focused.

Aug 20, 20255 min read
DevSecOps

How Snyk CLI's --severity-threshold and --fail-on flags g...

How Snyk CLI severity-threshold and fail-on flags filter and gate vulnerability findings, plus exit codes and common CI/CD misconfigurations.

Aug 17, 20257 min read
DevSecOps

How Snyk's GitLab CI/CD template integrates security gate...

A technical look at how Snyk's GitLab CI/CD template authenticates, scans, and uses severity thresholds to block merge requests with known vulnerabilities.

Aug 16, 20257 min read
DevSecOps

How Snyk's Azure Pipelines and Bitbucket Pipelines integr...

Snyk's CLI, Azure Pipelines extension, and Bitbucket pipe handle auth, gating, and reporting differently — here's how each mechanism actually works under the hood.

Aug 15, 20257 min read
DevSecOps (Page 18) — Supply Chain Security Blog | Safeguard