Industry Analysis
In-depth guides and analysis on industry analysis from the Safeguard engineering team.
294 articles
RSA Conference 2026: Supply Chain Themes
RSA Conference 2026 centered on AI governance, software supply chain regulation, and vendor consolidation. Here is the analyst view of what mattered.
How to automate TLS certificates with Let's Encrypt
A step-by-step guide to automating TLS certificates with Let's Encrypt using certbot and cert-manager, plus verification steps so renewals never silently fail.
How to configure DNSSEC
A practical, command-by-command guide to configure DNSSEC on managed and self-hosted DNS, verify the chain of trust, and prevent DNS spoofing across your supply chain.
How to set up SPF, DKIM, and DMARC for email security
A step-by-step guide to setting up SPF, DKIM, and DMARC records to stop email spoofing and secure your domain sending reputation.
Rust memory safety vulnerabilities despite the borrow che...
The borrow checker doesn't stop everything. Here's how rust unsafe code vulnerabilities slip past Rust's safety guarantees and reach production.
SBOM as a Product, Not a Checkbox
Most SBOMs are generated, filed, and forgotten. Treating them as compliance artifacts rather than operational products is why they have not paid off — and how to fix it.
Auditing unsafe Rust FFI boundaries for memory corruption...
A step-by-step rust ffi security audit: map unsafe boundaries, fuzz with cargo-fuzz, run Miri and sanitizers, and verify ownership to catch memory corruption before shipping.
State of Vulnerability Management 2026 Report
Where vulnerability management actually stands in 2026: KEV-driven prioritization, reachability, SLAs that hold, and the tools teams are consolidating onto.
Goroutine leaks and data races as denial-of-service and s...
Goroutine leaks and data races aren't just bugs — they're exploitable DoS and logic-corruption vectors. Here's how they work, real incidents, and how Safeguard catches them.
DEF CON 33 Software Supply Chain Sessions Recap
DEF CON 33 brought hacker-energy attention to package ecosystems, CI/CD abuse, and AppSec Village. Here is what supply chain defenders should take home.
Ruby deserialization vulnerabilities: Marshal.load, YAML....
A decade of Ruby CVEs — from CVE-2013-0156 to CVE-2022-32224 — shows how Marshal.load and YAML.load turn untrusted input into remote code execution.
Erlang/OTP atom exhaustion and deserialization risks in E...
How the elixir atom exhaustion vulnerability lets attackers crash BEAM nodes via unsafe binary_to_term calls, and how Safeguard catches the pattern before it ships.