Safeguard
Topic

DevSecOps

In-depth guides and analysis on devsecops from the Safeguard engineering team.

378 articles

DevSecOps

3CX Attack Lessons: What Every Software Vendor Must Do Differently

The 3CX supply chain attack exposed critical gaps in how software vendors protect their build pipelines. Here are the concrete lessons.

Apr 2, 20237 min read
DevSecOps

GitLab CI Security Scanning Setup

Step-by-step guide to enabling SAST, DAST, dependency scanning, and container scanning in GitLab CI pipelines.

Mar 22, 20236 min read
DevSecOps

Ruby Brakeman Security Scanner: Rails-Aware Vulnerability Detection

Brakeman understands Rails conventions and catches security issues that generic scanners miss. Here is how to use it effectively.

Mar 15, 20235 min read
DevSecOps

Git Credential Security for Organizations: Locking Down Source Access

Git credentials are the keys to your source code. Here is how organizations should manage them to prevent unauthorized access and credential theft.

Mar 8, 20234 min read
DevSecOps

Spinnaker Deployment Security

Securing Spinnaker's multi-cloud deployment pipelines with authentication, authorization, pipeline constraints, and artifact verification.

Feb 25, 20235 min read
DevSecOps

gosec: Static Analysis for Go Security

gosec is the standard security linter for Go. Here is what it catches, what it misses, and how to integrate it effectively into your workflow.

Feb 18, 20235 min read
DevSecOps

SBOM Sharing and Distribution Best Practices

Generating SBOMs is only half the battle. Sharing them securely and effectively with stakeholders requires careful planning and tooling.

Feb 15, 20236 min read
DevSecOps

Blue-Green Deployment Security

Security considerations for blue-green deployment strategies including environment parity, rollback integrity, and data migration safety.

Jan 15, 20236 min read
DevSecOps

PHPStan Security Analysis: Static Typing as a Security Tool for PHP

PHPStan brings static analysis to PHP. Its type checking catches entire classes of bugs that lead to security vulnerabilities in PHP applications.

Jan 8, 20235 min read
DevSecOps

Release Management Security Checklist

A pre-release security checklist that covers dependency verification, vulnerability scanning, SBOM generation, and artifact integrity for every production release.

Dec 28, 20226 min read
DevSecOps

GitHub Repository Security Settings Guide

Configure GitHub repository security settings for branch protection, secret scanning, dependency alerts, and code scanning.

Dec 12, 20225 min read
DevSecOps

Jenkins Pipeline Security Hardening

How to lock down Jenkins pipelines against credential theft, script injection, and unauthorized access with practical hardening steps.

Nov 8, 20226 min read
DevSecOps (Page 29) — Supply Chain Security Blog | Safeguard