case-study
Safeguard articles tagged "case-study" — guides, analysis, and best practices for software supply chain and application security.
18 articles
The SolarWinds Orion supply chain attack explained
How SUNBURST hid inside a signed SolarWinds Orion update, hit 18,000 organizations, and reshaped supply chain security.
Customer story pattern: cutting false-positive noise with...
How one team cut AppSec findings 92% and MTTR from 11 days to 36 hours by consolidating scanners — a reduce security tool noise false positives case study.
Automotive OEM ISO 21434 Compliance
An anonymized look at how a major automotive OEM used Safeguard to operationalize ISO/SAE 21434 software supply chain requirements across vehicle platforms.
Defense Contractor IL7 Deployment Walkthrough
An anonymized account of how a US defense prime deployed Safeguard in an IL7 classified environment supporting a DoD mission system.
Two Years of Item 1.05: What the Notable 8-K Filings Tell Us
From UnitedHealth to AT&T to Snowflake's downstream effects, two years of Item 1.05 filings reveal patterns in materiality, vendor incidents, and update cadence.
SaaS Vendor's EU CRA Readiness Sprint
An anonymized account of how a mid-sized European SaaS vendor prepared for the EU Cyber Resilience Act using a focused 12-week Safeguard readiness sprint.
Federal Agency FedRAMP Evidence Pack in 30 Days
An anonymized look at how a US federal civilian agency assembled a complete FedRAMP High supply chain evidence pack in 30 days using Safeguard.
How a Fortune 500 Bank Ran Its SBOM Program
An anonymized look at how a Fortune 500 financial services firm operationalized an enterprise SBOM program using Safeguard across 4,200 applications.
VEX Adoption in the Enterprise: Lessons From Early Adopters
Vulnerability Exploitability eXchange documents promise to reduce alert fatigue by distinguishing exploitable vulnerabilities from theoretical ones. Here is how enterprises are actually using them.
GitHub's Supply Chain Security Features
A comprehensive look at GitHub's evolving supply chain security toolkit, from Dependabot to code scanning, and how these features are reshaping how developers manage dependency risk.
Shopify's Supply Chain Security Program
How Shopify built a supply chain security program that protects millions of merchants while maintaining the development velocity that e-commerce demands.
Netflix's Open-Source Security Approach
How Netflix manages security across hundreds of open-source projects and thousands of internal dependencies while maintaining the velocity that streaming demands.