Safeguard
Cloud Security

Developer empowerment in cloud security: a guardrails-first framework

Gartner estimated through 2025 that 99% of cloud breaches would be the customer's fault, not the provider's — guardrails at the point of action are how you fix that.

Safeguard Research Team
Research
7 min read

In a widely cited 2019 Gartner briefing, the firm predicted that through 2025, 99% of cloud security failures would be the customer's fault — misconfigured storage buckets, over-permissioned IAM roles, and exposed secrets, not flaws in AWS, Azure, or GCP infrastructure itself. That estimate has been repeated across the industry for years, and Verizon's annual Data Breach Investigations Report keeps supplying the receipts: human error and misconfiguration show up as leading contributors year over year, often alongside credential-based attacks against cloud email and collaboration accounts. The uncomfortable implication is that most cloud breaches are not exotic zero-days — they are a developer clicking "public" on an S3 bucket, or a Terraform module inheriting a wildcard IAM policy from a copy-pasted example. Centralized security teams have tried to catch these mistakes with periodic audits and after-the-fact scans for a decade, and the failure rate hasn't moved because the review happens too late to change the outcome. The alternative gaining traction — and the one this post lays out — is to give developers the guardrails, self-service tooling, and feedback loops to catch the mistake themselves, in the same minute they make it, rather than in a compliance review three sprints later.

Why does centralized cloud security review keep failing?

Centralized review fails because it evaluates a decision long after the developer who made it has moved on, which breaks the feedback loop that would let them learn from it. A security team reviewing a Terraform plan a week after merge, or an auditor flagging an open security group during a quarterly pass, is generating findings against infrastructure that's already running in production and against a mental model the engineer no longer holds. DORA's long-running State of DevOps research (the basis for the Accelerate book and yearly reports) consistently finds that elite delivery performers deploy far more frequently than low performers and recover from failures in a fraction of the time — and that gap tracks closely with whether an organization has invested in self-service, guardrail-based platforms versus ticket-driven, centralized gatekeeping. Slow, centralized security review isn't just an operational annoyance; DORA's data ties it directly to worse change-failure rates, because engineers route around friction rather than through it.

What makes a guardrail different from a policy document?

A guardrail is different from a policy document because it is enforced by machinery at the moment a risk appears, rather than described in a wiki page a developer is expected to remember. The distinction matters operationally: a policy that says "no critical CVEs in production" changes nothing if the only check for it is a quarterly PDF report. An enforced guardrail evaluates that same rule as policy-as-code — commonly written in Rego for Open Policy Agent or as a Kyverno ClusterPolicy in Kubernetes — at a real control point: pre-commit, in the CI pipeline, at container registry push, at Kubernetes admission, or via an eBPF-based runtime collector watching for drift after deploy. The Sigstore project (cosign) and the SLSA provenance framework are the concrete, publicly documented plumbing that make this enforceable rather than aspirational: a signed attestation lets an admission controller verify, cryptographically, that an image was built by an approved pipeline before it ever reaches a node.

How do self-service policies keep guardrails from becoming a bottleneck?

Self-service policies keep guardrails from becoming a bottleneck by letting developers see and act on a rule before it blocks them, instead of discovering it as a failed deploy with no context. Safeguard's own policy engine is a useful illustration of the pattern: policy templates like "No Critical Vulnerabilities," "SLSA Level 2," and "EO 14028 Compliance" are defined once, and gate actions — Block, Warn, Notify, or Require Approval — are configurable per policy rather than uniformly punitive. A developer whose PR trips a Warn-level license policy sees it inline in the pull request; one whose build fails a Block-level KEV (CISA Known Exploited Vulnerability) policy gets a machine-readable reason and, where auto-fix is scoped in, a generated pull request that pins the safe version rather than a ticket asking them to go figure it out. That combination — visible policy, proportionate action, and a path to self-remediate — is what keeps guardrails from just becoming a slower version of the audit they replaced.

Where should guardrails actually be enforced?

Guardrails work best enforced at multiple points across the lifecycle rather than one, because a single choke point either arrives too late to be cheap to fix or too early to have full information. IDE and pre-commit checks catch a hardcoded secret or an obviously vulnerable package before it's even in a diff, when the fix costs seconds. CI-stage gates can evaluate a full SBOM and reachability graph, since by then a build actually exists to analyze. Registry and admission-time checks are the last programmatic checkpoint before code runs, verifying signatures (Cosign, Notation) and SLSA provenance on the actual artifact rather than trusting that nothing changed since the CI check ran. Runtime monitoring — an eBPF collector, for instance — is the only point that can catch drift introduced after deployment: a container that starts making unexpected network calls, or a config manually patched by an on-call engineer under pressure. Skipping any one of these layers leaves a gap that the others were never designed to cover.

What should happen when a guardrail needs to be bypassed?

When a guardrail needs to be bypassed, the exception should be time-boxed, attributed, and logged — not a permanent carve-out that quietly outlives the incident that justified it. A legitimate business reason to ship past a Block-level finding exists often enough that a rigid guardrail with no exception path just gets disabled entirely by a frustrated team, which is worse than not having it. The workable pattern, documented in Safeguard's own guardrail and policy-gate design, is a request-and-approve workflow: a developer requests an exception against a specific finding, an approver with the right role grants it for a specific asset and a specific duration, and it expires automatically and appears in the audit log either way. Emergency "breakglass" bypasses should require two-person approval and trigger an alert to the security channel in real time, precisely because they skip the normal review — the audit trail is what lets a security team distinguish a rare, justified exception from a pattern of quiet erosion.

How do you know the framework is actually working?

You know the framework is working when guardrail telemetry shows fewer blocks over time on the same policy, not more approvals to bypass it. Emitting every guardrail decision as an OpenTelemetry span — Allow, Warn, or Block, tagged by policy, team, and asset — turns enforcement into something you can trend on a dashboard instead of something you only notice when it fires. A policy that blocks thousands of times a week across many teams is a signal the policy needs auto-fix or refinement, not that developers need more warnings. Package-level guardrails illustrate the same principle at install time: an install-time proxy fronting npm and pip that evaluates every fetch — including transitive dependencies — for typosquatting, dependency confusion, and known-malware signatures can run in audit mode first to baseline false-positive rates before flipping to warn or block, so the rollout itself doesn't become the bottleneck it was meant to remove.

Shifting cloud security ownership to developers doesn't mean shifting the risk onto them unsupported — it means giving them the same enforcement machinery a centralized team would use, at the point where a decision is still cheap to change. Guardrails encoded as policy-as-code, self-service visibility into why something failed, multiple enforcement points instead of one late gate, and an honest, audited exception path are the structural pieces. Get those right, and the Gartner-style "99% customer failure" number stops being an indictment of developers and starts being a description of exactly where the fix has to live.

Never miss an update

Weekly insights on software supply chain security, delivered to your inbox.