Safeguard
Topic

How-To Guide

In-depth guides and analysis on how-to guide from the Safeguard engineering team.

7 articles

How-To Guide

Building a Security Champions Program

A step-by-step guide to launching a security champions program that scales your security team's influence across engineering without hiring a dozen new AppSec engineers.

Feb 28, 20247 min read
How-To Guide

Automated Security Testing in CI/CD Pipelines

A hands-on guide to embedding SAST, SCA, secret scanning, and container analysis into your CI/CD pipeline without making builds unbearably slow.

Jul 22, 20236 min read
How-To Guide

Securing Your Private Package Registry

Private package registries are high-value targets for supply chain attackers. Here is how to lock them down, from access controls to dependency confusion prevention.

May 30, 20236 min read
How-To Guide

Automating Vulnerability Remediation: A Practical Guide

Stop drowning in CVE backlogs. Learn how to build automated remediation workflows that fix vulnerabilities faster without burning out your engineering team.

Nov 8, 20226 min read
How-To Guide

Setting Up Pre-Commit Security Hooks

Catch secrets, vulnerable patterns, and misconfigurations before they reach your repository with pre-commit hooks that developers will actually keep enabled.

Oct 12, 20226 min read
How-To Guide

Setting Up Dependency Scanning on GitHub

A hands-on walkthrough for configuring automated dependency scanning in your GitHub repositories, from Dependabot alerts to custom CI workflows.

Aug 22, 20226 min read
How-To Guide

How to Create Your First SBOM

A practical, step-by-step guide to generating your first Software Bill of Materials using open-source tools and integrating it into your development workflow.

Jul 5, 20225 min read
How-To Guide — Supply Chain Security Blog | Safeguard