Safeguard
Topic

Industry Analysis

In-depth guides and analysis on industry analysis from the Safeguard engineering team.

294 articles

Industry Analysis

RSA Conference 2026: Supply Chain Themes

RSA Conference 2026 centered on AI governance, software supply chain regulation, and vendor consolidation. Here is the analyst view of what mattered.

Feb 9, 20268 min read
Industry Analysis

How to automate TLS certificates with Let's Encrypt

A step-by-step guide to automating TLS certificates with Let's Encrypt using certbot and cert-manager, plus verification steps so renewals never silently fail.

Feb 9, 20268 min read
Industry Analysis

How to configure DNSSEC

A practical, command-by-command guide to configure DNSSEC on managed and self-hosted DNS, verify the chain of trust, and prevent DNS spoofing across your supply chain.

Feb 8, 20267 min read
Industry Analysis

How to set up SPF, DKIM, and DMARC for email security

A step-by-step guide to setting up SPF, DKIM, and DMARC records to stop email spoofing and secure your domain sending reputation.

Feb 7, 20268 min read
Industry Analysis

Rust memory safety vulnerabilities despite the borrow che...

The borrow checker doesn't stop everything. Here's how rust unsafe code vulnerabilities slip past Rust's safety guarantees and reach production.

Feb 6, 20267 min read
Industry Analysis

SBOM as a Product, Not a Checkbox

Most SBOMs are generated, filed, and forgotten. Treating them as compliance artifacts rather than operational products is why they have not paid off — and how to fix it.

Feb 5, 20267 min read
Industry Analysis

Auditing unsafe Rust FFI boundaries for memory corruption...

A step-by-step rust ffi security audit: map unsafe boundaries, fuzz with cargo-fuzz, run Miri and sanitizers, and verify ownership to catch memory corruption before shipping.

Feb 5, 20268 min read
Industry Analysis

State of Vulnerability Management 2026 Report

Where vulnerability management actually stands in 2026: KEV-driven prioritization, reachability, SLAs that hold, and the tools teams are consolidating onto.

Feb 4, 20268 min read
Industry Analysis

Goroutine leaks and data races as denial-of-service and s...

Goroutine leaks and data races aren't just bugs — they're exploitable DoS and logic-corruption vectors. Here's how they work, real incidents, and how Safeguard catches them.

Feb 3, 20267 min read
Industry Analysis

DEF CON 33 Software Supply Chain Sessions Recap

DEF CON 33 brought hacker-energy attention to package ecosystems, CI/CD abuse, and AppSec Village. Here is what supply chain defenders should take home.

Feb 2, 20267 min read
Industry Analysis

Ruby deserialization vulnerabilities: Marshal.load, YAML....

A decade of Ruby CVEs — from CVE-2013-0156 to CVE-2022-32224 — shows how Marshal.load and YAML.load turn untrusted input into remote code execution.

Feb 2, 20268 min read
Industry Analysis

Erlang/OTP atom exhaustion and deserialization risks in E...

How the elixir atom exhaustion vulnerability lets attackers crash BEAM nodes via unsafe binary_to_term calls, and how Safeguard catches the pattern before it ships.

Feb 1, 20267 min read
Industry Analysis (Page 9) — Supply Chain Security Blog | Safeguard