Safeguard
Tag

attack-surface-management

Safeguard articles tagged "attack-surface-management" — guides, analysis, and best practices for software supply chain and application security.

14 articles

Application Security

Exposed .git Directories and the Git Internals That Leak Your Source

Roughly 4.96 million IPs expose .git metadata today, and over 252,000 leak live credentials in .git/config — a 2018-era bug that never went away.

Jul 15, 20266 min read
Cloud Security

Know your cloud environment: a practical asset inventory methodology

Gartner projects that through 2025, 99% of cloud security failures will be the customer's fault — almost always because an asset nobody tracked got misconfigured.

Jul 12, 20267 min read
Application Security

Why asset inventory should come before AppSec tooling

Only 17% of organizations can inventory 95%+ of their assets, and 69% have been breached through one they didn't know existed — start with the map, not the scanner.

Jul 8, 20267 min read
Best Practices

A Step-by-Step Methodology for Mapping and Prioritizing Attack Surface

CVE-2023-34362 sat in one internet-facing file-transfer server and still produced thousands of downstream breaches — attack surface mapping is what catches that server before Cl0p does.

Jul 8, 20267 min read
Software Supply Chain Security

Understanding the software supply chain attack surface

SolarWinds, Log4Shell, and XZ Utils show the software supply chain attack surface is bigger than any single scan. Here's how to actually map and shrink it.

Jun 29, 20267 min read
Vulnerability Management

ASM vs. Penetration Testing: how they differ and work tog...

ASM and pen testing measure different things at different speeds. See how Safeguard's supply-chain-native ASM complements cloud-focused tools like Wiz—and manual testing.

Apr 23, 20268 min read
Vulnerability Management

Attack Surface Management Tools: 2026 comparison guide

Wiz secures your cloud footprint; Safeguard secures what ships into it. A 2026 comparison of attack surface management tools across supply chain vs. cloud scope.

Apr 23, 20267 min read
Vulnerability Management

Attack Surface Management (ASM): discovery, monitoring, m...

ASM isn't just cloud exposure. See why discovery, monitoring, mapping, and reduction must extend into the software supply chain—and where tools like Wiz fall short.

Apr 19, 20268 min read
Application Security

What is Attack Surface Management

Attack surface management explained: what it covers, how it differs from vulnerability management, and why CISA and Gartner now treat it as core AppSec.

Apr 9, 20266 min read
Application Security

What is an Attack Surface

An attack surface is every exposed point attackers can use to get in — code, configs, credentials, and dependencies. Here's how to define, measure, and shrink it.

Apr 9, 20267 min read
Application Security

Attack Surface Management (ASM): best practices guide

A practical attack surface management best practices guide for software supply chains, covering SBOMs, base image hardening, CI/CD exposure, and a 90-day rollout plan.

Apr 4, 20268 min read
Application Security

What is Attack Path Analysis

Attack path analysis maps how vulnerabilities and misconfigurations chain together into real exploit routes, cutting 10,000+ findings down to the handful that matter.

Feb 12, 20267 min read
attack-surface-management — Safeguard Blog