Safeguard
Tag

best-practices

Safeguard articles tagged "best-practices" — guides, analysis, and best practices for software supply chain and application security.

105 articles

Best Practices

Azure Managed Identities and the Supply Chain

Managed identities are the credential primitive that fixes most supply chain risk in Azure — but only if you use them the way the service actually intends.

Feb 14, 20248 min read
DevSecOps

Secure Development Environment Setup: A Practical Guide

Setting up a secure development environment involves more than installing an IDE. From OS hardening to credential management, here is a comprehensive checklist for security-conscious teams.

Feb 5, 20245 min read
SBOM

SBOM Validation and Quality Checks: Ensuring Your SBOMs Are Actually Useful

A syntactically valid SBOM can still be useless. Here's how to validate structure, completeness, and accuracy to produce SBOMs worth trusting.

May 22, 20236 min read
DevSecOps

SBOM Sharing and Distribution Best Practices

Generating SBOMs is only half the battle. Sharing them securely and effectively with stakeholders requires careful planning and tooling.

Feb 15, 20236 min read
Application Security

Cryptographic Library Selection Guide: Choosing Wisely for Your Stack

Picking the wrong crypto library means either rolling your own crypto or using a library with a poor security track record. Here is how to choose.

Jan 22, 20235 min read
DevSecOps

Release Management Security Checklist

A pre-release security checklist that covers dependency verification, vulnerability scanning, SBOM generation, and artifact integrity for every production release.

Dec 28, 20226 min read
Best Practices

The End-of-Year Dependency Audit Ritual

Most dependency audits get done in a panic after a CVE lands. A planned year-end audit is cheaper, more thorough, and produces a backlog you can actually work through in Q1.

Dec 10, 20226 min read
Best Practices

Secure Coding Practices: A Developer's Guide

Practical secure coding habits every developer should build, covering input validation, authentication, dependency management, and more.

May 18, 20226 min read
DevSecOps

Software Supply Chain Security for Startups: A Practical Guide

You don't need a massive security team to get supply chain security right. Here's a pragmatic, prioritized approach for startups that balances risk reduction with engineering velocity.

Feb 15, 20226 min read
best-practices (Page 9) — Safeguard Blog