Safeguard
Tag

asset-discovery

Safeguard articles tagged "asset-discovery" — guides, analysis, and best practices for software supply chain and application security.

13 articles

Application Security

How to Discover Shadow and Undocumented APIs Before Attackers Do

A single undocumented API endpoint exposed 10 million Optus records in 2022. Here's how to find shadow APIs in production and assess their real exposure.

Jul 10, 20266 min read
Best Practices

A Step-by-Step Methodology for Mapping and Prioritizing Attack Surface

CVE-2023-34362 sat in one internet-facing file-transfer server and still produced thousands of downstream breaches — attack surface mapping is what catches that server before Cl0p does.

Jul 8, 20267 min read
Best Practices

You Cannot Secure What You Cannot See: Asset Discovery

Most breaches start with an asset nobody remembered owning. Continuous asset discovery is the foundation that every other control depends on.

Apr 12, 20267 min read
Best Practices

Discovering Shadow AI Models In Production

Engineers ship models faster than security can track them. Here is how to find shadow AI in production without slowing the teams that build it.

Apr 8, 20267 min read
Best Practices

Inventory Of MCP Servers: Enterprise Program

MCP servers proliferate faster than governance can track them. Build an inventory program that captures every server, tool, and consumer agent.

Apr 4, 20267 min read
Best Practices

Finding Forgotten Public npm Packages In Your Org

Public npm packages your org published years ago are now an attacker's best targets. Find them before someone else does.

Mar 30, 20267 min read
Best Practices

Unifying Software And AI Assets In One Graph

Two parallel inventories for software and AI assets do not survive contact with reality. A unified graph is what makes governance feasible.

Mar 25, 20267 min read
Best Practices

Asset Discovery For M&A Due Diligence

M&A due diligence runs on questionnaires that nobody can verify. Continuous asset discovery turns the diligence period into a data exercise.

Mar 20, 20267 min read
Best Practices

Runtime Asset Attribution: Pods To Services

Mapping a running pod back to a service, repo, owner, and SBOM is the boring infrastructure that makes every other security control useful.

Mar 15, 20267 min read
Best Practices

Asset Discovery As CMDB Replacement In 2026

The traditional CMDB cannot keep up with cloud, AI, and agent workloads. Continuous discovery is the only model that survives 2026.

Mar 10, 20267 min read
Best Practices

Tracking Vendor-Supplied Binaries In Your Runtime

Vendor binaries run as root and ship without SBOMs. Continuous discovery brings them under the same governance as your own code.

Mar 5, 20267 min read
Best Practices

Continuous Asset Discovery vs Quarterly Inventory

Quarterly inventories are wrong by the time they are signed. Continuous discovery is the only model that matches modern rates of change.

Feb 28, 20267 min read
asset-discovery — Safeguard Blog