Vulnerability Management
In-depth guides and analysis on vulnerability management from the Safeguard engineering team.
133 articles
Citrix Bleed 2: Analysis and Mitigation
CVE-2025-5777 revived the memory-leak pattern that broke NetScaler in 2023. Here is what the 2025 variant does, who is exploiting it, and how to respond.
Vulnerability Prioritization in 2025: EPSS, VEX, and the End of CVSS-Only Triage
CVSS scores alone cannot tell you what to patch first. EPSS exploit prediction and VEX documents are reshaping how mature security teams prioritize vulnerabilities at scale.
AWS Service-Linked Role Abuse Techniques, 2025
Service-linked roles are the soft underbelly of AWS IAM. We catalogue the 2024-2025 abuse primitives and the detection queries that catch them.
How to Run Grype in Offline/Airgap Environments
A hands-on tutorial for running Grype vulnerability scans in offline and airgapped environments, including vulnerability database hosting and CI integration.
Exploit Chaining: A Supply Chain Perspective
How attackers chain low and medium severity flaws across dependencies to reach critical impact, and why supply chain context changes triage priorities.
Dataflow Analysis in Modern Codebases
Dataflow analysis is the workhorse behind most vulnerability research. Here's how it adapts to TypeScript, Rust, and the polyglot realities of modern software.
How to Build a Vulnerability SLA Dashboard
Track remediation SLAs across projects with a self-service dashboard that surfaces aging findings, breach risk, and team accountability — complete code inside.
Differential Testing for Supply Chain Vulns
Differential testing compares the behavior of multiple implementations of the same specification. In supply-chain work, it surfaces bugs that nobody else can see.
Vulnerability Intelligence Platforms Compared for Supply Chain Security
Vulnerability intelligence platforms aggregate, enrich, and prioritize vulnerability data. This comparison examines how leading platforms handle supply chain-specific intelligence needs.
Supply Chain IoC Catalog
A practical catalog of indicators of compromise for software supply chain attacks, with detection queries and false-positive notes.
Cisco ASA Firepower Zero-Day Trends, 2024 Edition
Six zero-days against ASA and FTD in 2024, two tied to ArcaneDoor. We chart the trend, the CVSS distribution, and the patch-to-exploit gap.
A Framework for Security Patch Prioritization
You cannot patch everything immediately. Here is a risk-based framework for deciding which patches to apply first when your vulnerability backlog exceeds your capacity.