Safeguard
Topic

Vulnerability Management

In-depth guides and analysis on vulnerability management from the Safeguard engineering team.

133 articles

Vulnerability Management

Fortinet FortiOS CVE-2024-21762: Exploitation Patterns

CVE-2024-21762 gave attackers pre-auth RCE on FortiGate SSL VPN. We trace the exploitation patterns, scanner behavior, and who got hit first.

Feb 18, 20245 min read
Vulnerability Management

Vulnerability SLA Compliance Tracking That Actually Works

Most organizations define vulnerability SLAs and then fail to meet them. The problem is not motivation. It is measurement and process.

Jan 12, 20245 min read
Vulnerability Management

Firmware Analysis and Reverse Engineering for Security Teams

Firmware is the forgotten attack surface. Here are the techniques security teams use to uncover hidden vulnerabilities in embedded software.

Dec 8, 20235 min read
Vulnerability Management

govulncheck in Production Integration

govulncheck is the best vulnerability scanner the Go ecosystem has ever had, but turning it from a demo into a production gate takes more than adding a CI step.

Nov 8, 20237 min read
Vulnerability Management

A History of Browser Sandbox Escapes and What They Teach Us

Browser sandboxes are the last line of defense against web-based attacks. When they fail, everything is exposed. Here is what the major escapes reveal.

Oct 25, 20235 min read
Vulnerability Management

Vulnerability Remediation SLAs: Best Practices for Real Teams

Setting vulnerability remediation deadlines is easy. Actually meeting them is hard. This guide covers practical SLA frameworks that balance security urgency with engineering reality.

Aug 15, 20238 min read
Vulnerability Management

OSV Schema: The Open Source Vulnerability Database Format Explained

OSV provides a standardized format for vulnerability data that is purpose-built for open-source ecosystems. Here is how it works and why it is better than NVD for dependency scanning.

Aug 5, 20237 min read
Vulnerability Management

Vulnerability Chaining: Real-World Examples and Defense Strategies

Individual vulnerabilities rarely tell the full story. This deep dive examines how attackers chain low-severity bugs into devastating exploits and how defenders can break the chain.

Jul 12, 20237 min read
Vulnerability Management

Understanding EPSS: Exploit Prediction Scoring System Explained

EPSS offers a data-driven approach to vulnerability prioritization. Learn how it works, how it compares to CVSS, and why your team should care.

Mar 15, 20236 min read
Vulnerability Management

Vulnerability Correlation Across Package Ecosystems

The same vulnerability often appears under different identifiers across npm, PyPI, Maven, and other ecosystems. Here is how to correlate vulnerabilities across ecosystems and why it matters.

Nov 22, 20226 min read
Vulnerability Management

CPE Naming Convention and the Vulnerability Matching Problem

CPE is the backbone of NVD vulnerability matching, and it is deeply flawed. Understanding its limitations is essential for accurate vulnerability management.

Jun 15, 20226 min read
Vulnerability Management

Image Parsing Vulnerabilities in Dependencies: The Pixel-Level Threat

Every application that processes images depends on parsing libraries with a long history of memory corruption bugs. Here is what is at stake.

May 18, 20225 min read
Vulnerability Management (Page 11) — Supply Chain Security Blog | Safeguard