Safeguard
Topic

Standards

In-depth guides and analysis on standards from the Safeguard engineering team.

8 articles

Standards

NIST SSDF 1.2 Draft: What the Comment Period Revealed

NIST opened public comment on SP 800-218r1 SSDF v1.2 on December 17, 2025. The draft adds AI development practices, refines supply-chain controls, and aligns with EO 14306.

Feb 26, 20267 min read
Standards

ISO/IEC 42001: AI Management Systems Reach Adoption Critical Mass

ISO/IEC 42001:2023 went from new-standard status to enterprise compliance benchmark in 2025, with major SaaS vendors certifying and the EU AI Act referencing it as a harmonized pathway.

Feb 10, 20267 min read
Standards

ISA-TR62443-2-2-2025: Security Protection Schemes for IACS

The ISA released TR62443-2-2-2025 in December 2025, giving industrial operators actionable guidance for designing and validating a Security Protection Scheme. Here is what changed in OT defender practice.

Jan 21, 20267 min read
Standards

CycloneDX 1.7 Ratified as ECMA-424 2nd Edition (December 2025)

CycloneDX v1.7 was adopted as ECMA-424, 2nd Edition by the Ecma General Assembly in December 2025. We unpack citations, cryptographic assets, and distribution constraints.

Dec 15, 20255 min read
Standards

CycloneDX 1.7 Deep Dive: Cryptography, Citations, and Patents

CycloneDX 1.7 released in October 2025 with first-class cryptography metadata, a new Citations element, and patent-aware IP fields. We walk through what changed and which producers should adopt now.

Dec 9, 20257 min read
Standards

NIST SP 800-53 Release 5.2.0: Three New Controls You Cannot Ignore

NIST released SP 800-53 5.2.0 on August 27, 2025 with three new controls focused on patch root-cause analysis, structured logging, and cyber resiliency. Here is what it means for compliance teams.

Oct 13, 20257 min read
Standards

SPDX 3.0.1: The Patch Release That Cleared ISO and OMG Submission

SPDX 3.0.1 was announced on December 27, 2024, bundling fixes from 3.0.0 implementation and the edits required for OMG SPDX/3.0 and ISO/IEC submission.

Jan 8, 20255 min read
Standards

Cryptographic Bill of Materials (CBOM): The Next Frontier

Post-quantum cryptography migration requires knowing what cryptographic algorithms your software uses. CBOMs provide that inventory. Here is what they are and why they matter.

Nov 10, 20247 min read
Standards — Supply Chain Security Blog | Safeguard