Safeguard
Topic

Software Supply Chain Security

In-depth guides and analysis on software supply chain security from the Safeguard engineering team.

175 articles

Software Supply Chain Security

AI BOM Spec Comparison: CycloneDX ML-BOM in 2026

AI bills of materials moved from proposal to procurement requirement. A practical comparison of CycloneDX ML-BOM, SPDX 3.0 AI profile, and what to ship in 2026.

Jan 29, 20266 min read
Software Supply Chain Security

Third-party library risk in Android apps: permissions, SD...

Every Android app runs dozens of third-party SDKs with full app permissions. Here's how android third-party library risk turns into real data leaks — and how Safeguard catches it first.

Jan 28, 20267 min read
Software Supply Chain Security

Detecting Model Supply Chain Poisoning in 2026

Poisoning attacks against the model supply chain have moved from research to incident reports. What detection looks like when the attack surface includes weights.

Jan 22, 20266 min read
Software Supply Chain Security

What is Software Supply Chain Risk Scoring

CVSS alone can't tell you what to fix first. Here's how supply chain risk scoring blends exploitability, reachability, and provenance into one actionable number.

Jan 20, 20267 min read
Software Supply Chain Security

What is a Malicious Commit / Compromised Maintainer Account

When an attacker steals a maintainer's credentials, every user of that package inherits the compromise. Here's how it happens and how to catch it.

Jan 19, 20267 min read
Software Supply Chain Security

Software supply chain security for core banking systems

How core banking system supply chain security failures happen, what they cost, and how SBOMs and vendor risk monitoring keep core banking platforms safe.

Jan 5, 20267 min read
Software Supply Chain Security

Securing the payment gateway software supply chain

A single compromised script or dependency can silently harvest card data at checkout. Here's what payment gateway supply chain security actually requires in 2026.

Jan 4, 20267 min read
Software Supply Chain Security

Software supply chain risk in cryptocurrency exchange and...

How compromised wallet SDKs, smart contract dependencies, and stale third-party audits are driving nine-figure crypto exchange breaches like Bybit and Ledger.

Jan 3, 20267 min read
Software Supply Chain Security

Software supply chain security for medical devices

How FDA premarket cybersecurity rules, medical device SBOMs, and firmware vulnerabilities like Ripple20 and SweynTooth are reshaping supply chain security for connected medical devices.

Jan 3, 20267 min read
Software Supply Chain Security

Securing electronic health record (EHR) software supply c...

How the Change Healthcare breach, weak EHR vendor risk management, and exposed HL7 FHIR APIs turned healthcare's software supply chain into its biggest security gap.

Jan 2, 20267 min read
Software Supply Chain Security

How to conduct a software supply chain risk assessment fo...

A step-by-step guide for insurance carriers to assess software supply chain risk in vendor portfolios, from SBOM collection to continuous monitoring.

Dec 30, 20258 min read
Software Supply Chain Security

Software supply chain security for connected and autonomo...

Modern cars run 100M+ lines of code across 150 ECUs from untracked suppliers. Here's why connected vehicle software supply chain security now demands real SBOMs, not compliance checkboxes.

Dec 30, 20257 min read
Software Supply Chain Security (Page 9) — Supply Chain Security Blog | Safeguard