Tutorials
In-depth guides and analysis on tutorials from the Safeguard engineering team.
24 articles
How to Create an AIBOM for Your AI Models
Build an AI Bill of Materials that inventories the models, datasets, adapters, and MCP tools your application depends on — using CycloneDX ML-BOM and commands you can run today.
How to Report a Security Vulnerability
You found a security bug — now what? This beginner guide walks through reporting a vulnerability responsibly, from finding the right contact to writing a clear report.
How to Choose a Security Scanner
There are dozens of security scanners and the marketing all sounds the same. This beginner guide gives you a simple, hands-on way to pick the right one.
How to Remediate Transitive Dependency Vulnerabilities
Fix vulnerabilities in the nested packages you never installed directly — trace the import chain, choose between upgrading the parent or overriding the child, and verify the fix without breaking builds.
How to Secure Your Open Source Dependencies
Most of your code is code you didn't write. This beginner guide covers the practical habits that keep your open-source dependencies safe, from lockfiles to scanning.
How to Set Up a Vulnerability Policy Gate
Define a written, version-controlled policy for which vulnerabilities block a release, enforce it consistently across CLI and CI, and manage time-boxed exceptions without an allowlist that lives forever.
How to Audit npm Dependencies for Vulnerabilities
Go beyond npm audit's noisy output — resolve your dependency tree, prioritize by reachability, and fix both direct and transitive vulnerabilities in a Node.js project the right way.
How to Prioritize Vulnerabilities
A scan gave you a hundred findings and you can't fix them all today. This beginner guide teaches a simple, sensible order for deciding what to fix first.
How to Scan for Secrets in a Git Repository
Find hardcoded API keys, tokens, and credentials in your working tree and full Git history, stop new leaks at commit time, and remediate a secret that has already been pushed.
How to Update Dependencies Safely
Updating a library can fix a vulnerability or break your app. This beginner guide shows you how to update dependencies safely, one careful step at a time.
How to Add Security Scanning to Your CI/CD Pipeline
Wire dependency, container, and secret scanning into GitHub Actions or GitLab CI as a required check that blocks risky merges — with working workflow files and sensible thresholds.
How to Read an SBOM
An SBOM is a list of everything inside your software. This beginner guide shows you how to open one, understand each field, and turn it into something useful.