Offensive Security
In-depth guides and analysis on offensive security from the Safeguard engineering team.
4 articles
Penetration Testing CI/CD Pipelines
Your CI/CD pipeline is a high-value target. Here's how to pen test build systems, artifact repositories, and deployment workflows for supply chain vulnerabilities.
Red Team Supply Chain Attack Simulation
How red teams can simulate real-world supply chain attacks to test organizational defenses—from dependency confusion to build pipeline compromise.
Penetration Testing the Software Supply Chain
Traditional pentests focus on the application. Supply chain pentesting targets the build pipeline, dependency resolution, and distribution mechanisms. Here is how to approach it.
Bug Bounty Programs with a Supply Chain Focus
Traditional bug bounty programs miss supply chain vulnerabilities. Here's how to design a bounty program that incentivizes researchers to hunt in your dependency chain.