How-To Guide
In-depth guides and analysis on how-to guide from the Safeguard engineering team.
7 articles
Building a Security Champions Program
A step-by-step guide to launching a security champions program that scales your security team's influence across engineering without hiring a dozen new AppSec engineers.
Automated Security Testing in CI/CD Pipelines
A hands-on guide to embedding SAST, SCA, secret scanning, and container analysis into your CI/CD pipeline without making builds unbearably slow.
Securing Your Private Package Registry
Private package registries are high-value targets for supply chain attackers. Here is how to lock them down, from access controls to dependency confusion prevention.
Automating Vulnerability Remediation: A Practical Guide
Stop drowning in CVE backlogs. Learn how to build automated remediation workflows that fix vulnerabilities faster without burning out your engineering team.
Setting Up Pre-Commit Security Hooks
Catch secrets, vulnerable patterns, and misconfigurations before they reach your repository with pre-commit hooks that developers will actually keep enabled.
Setting Up Dependency Scanning on GitHub
A hands-on walkthrough for configuring automated dependency scanning in your GitHub repositories, from Dependabot alerts to custom CI workflows.
How to Create Your First SBOM
A practical, step-by-step guide to generating your first Software Bill of Materials using open-source tools and integrating it into your development workflow.