Safeguard
Topic

Secure Development

In-depth guides and analysis on secure development from the Safeguard engineering team.

7 articles

Secure Development

TLS Library Comparison: OpenSSL vs. LibreSSL vs. BoringSSL

Three forks of the same codebase, three different security philosophies. Here is how to choose the right TLS library for your project.

Sep 20, 20255 min read
Secure Development

Node.js Permission Model: Restricting What Your Code Can Do

Node.js finally has an experimental permission model. It is a significant step toward containing supply chain attacks, but it has important limitations.

Mar 18, 20245 min read
Secure Development

Bun Runtime Security Considerations: Speed vs. Safety Trade-offs

Bun prioritizes performance over Node.js compatibility. But some of those performance choices have security implications worth understanding.

Jan 14, 20245 min read
Secure Development

Deno Security Model Advantages: Runtime Permissions Done Right

Deno requires explicit permission grants for file, network, and environment access. This capability-based model changes the supply chain risk equation.

Nov 5, 20235 min read
Secure Development

Swift Security Analysis Tools: The Current Landscape

Swift's type safety helps, but it does not eliminate all security bugs. Here is the current tooling landscape for finding vulnerabilities in Swift code.

May 20, 20235 min read
Secure Development

Clippy Rust Security Lints: Catching What the Borrow Checker Misses

Rust's compiler catches memory safety bugs. Clippy catches everything else -- including security anti-patterns the borrow checker does not care about.

Jul 22, 20225 min read
Secure Development

TypeScript Strict Mode Security Benefits: More Than Just Type Safety

TypeScript's strict mode catches entire categories of bugs at compile time. Some of those bugs have direct security implications.

Jan 12, 20225 min read
Secure Development — Supply Chain Security Blog | Safeguard