Safeguard
Tag

best-practices

Safeguard articles tagged "best-practices" — guides, analysis, and best practices for software supply chain and application security.

105 articles

Vulnerability Management

Risk-Based Prioritisation Beyond CVSS

CVSS tells you severity. It does not tell you risk. Here is how reachability, exploitability, and AI context produce a prioritisation model that survives reality.

Mar 31, 20268 min read
Best Practices

Best Secret Scanning Tools 2026 Comparison

A senior-engineer view of secret-scanning tools worth running in 2026: what TruffleHog, Gitleaks, GitGuardian, and platform-native scanners actually do well.

Mar 31, 20269 min read
Vulnerability Management

Accepting The Unfixable: A Decision Framework

Some vulnerabilities cannot be fixed in any reasonable timeframe. Here is a structured framework for accepting risk responsibly with reachability and AI evidence.

Mar 26, 20268 min read
Vulnerability Management

Ageing Vulnerabilities: Fix vs Mitigate

Old vulnerabilities accumulate quietly until they become a compliance problem. Here is how to decide between fixing and mitigating, with evidence that holds up.

Mar 21, 20268 min read
Vulnerability Management

Vulnerability Burndown Charts That Actually Work

Most burndown charts lie about progress. Here is how to build one that survives executive scrutiny by combining reachability, age cohorts, and inflow data.

Mar 16, 20268 min read
Vulnerability Management

Triage Hand-Off From Security To Engineering

The handoff between security triage and engineering remediation is where most programs lose time. Here is how to fix it with context-rich PRs and AI.

Mar 11, 20267 min read
Best Practices

Vendor Offboarding and Supply Chain Data Destruction

A practical playbook for offboarding software vendors and ensuring data is actually destroyed, not just promised to be destroyed, across complex subprocessor chains.

Mar 9, 20267 min read
Vulnerability Management

Dependabot Noise Reduction Techniques For 2026

Dependabot is useful when tuned and a productivity tax when not. Here are the noise reduction techniques that actually work in modern monorepos.

Mar 6, 20267 min read
Best Practices

Procurement Security Questionnaires That Actually Work

How to design a supplier security questionnaire that produces usable signal, what to cut from standard templates, and how to integrate the output into real risk decisions.

Mar 6, 20267 min read
Best Practices

Right-to-Repair and Software Supply Chain Security

How the right-to-repair movement is reshaping software supply chain obligations in 2026, from firmware transparency to the security implications of mandated component access.

Mar 3, 20267 min read
Vulnerability Management

SLO-Driven Vulnerability Management Program

Service-level objectives turn vulnerability management from heroics into a measurable program. Here is how to define SLOs that survive contact with reality.

Mar 1, 20268 min read
Best Practices

Reachability-Driven Incident Response Playbook

When CVE-X is announced and the world panics, reachability is the data that tells you whether to wake up the on-call team or wait until Monday.

Feb 28, 20263 min read
best-practices (Page 3) — Safeguard Blog