Safeguard
Tag

ci-cd-security

Safeguard articles tagged "ci-cd-security" — guides, analysis, and best practices for software supply chain and application security.

186 articles

Buyer's Guides

Best ASPM Tools in 2026: Application Security Posture Management Compared

An honest buyer's guide to the best ASPM tools in 2026 — Apiiro, ArmorCode, Cycode, Snyk AppRisk, OX Security, and Safeguard — with a fair blurb and a best-for line for each, plus how AIBOM and supply chain risk reshape the category.

Jun 8, 20268 min read
Supply Chain Security

Why postinstall Scripts Became the Frontline of the Software Supply Chain Attack

Install-time script execution turned npm install and pip install into code-execution events. Here is how 2026's wave of attacks works, and the lockfile, allowlist, and sandbox discipline that actually stops it.

Jun 7, 20267 min read
Supply Chain Security

After the Worms: A CI/CD Security Playbook for Developer Credentials in 2026

The 2026 npm and PyPI worms proved that a trusted release pipeline is a credential vault. Here is what IronWorm and Mini Shai-Hulud actually exploited, and how to harden CI/CD before the next one lands.

Jun 6, 20268 min read
Buyer's Guides

Best DAST Tools in 2026: Web, API, and CI/CD Scanning Compared

An honest guide to the best DAST tools in 2026 — from OWASP ZAP and Burp Suite to Invicti, StackHawk, and Escape — with clear guidance on which fits web apps, APIs, and CI/CD-native pipelines, and where DAST stops and supply chain security begins.

Jun 6, 20268 min read
Buyer's Guides

Best SAST Tools in 2026: Semgrep, CodeQL, Snyk, and the AI Shift Compared

An honest buyer's guide to the best SAST tools in 2026 — from Semgrep and CodeQL to SonarQube, Snyk Code, and Checkmarx — plus how reachability analysis and agentic AI are reshaping static application security testing and where Safeguard fits.

Jun 5, 20268 min read
DevSecOps

DevOps vs DevSecOps: what actually changes when you add s...

DevOps vs DevSecOps isn't a mindset shift — it's specific new artifacts, gates, and ownership. Here's what changes, contrasted with JFrog's artifact-first model.

Jun 1, 20268 min read
DevSecOps

Policy-as-code for CI/CD: enforcing security gates withou...

How policy-as-code turns security gates from build-breaking friction into fast, git-versioned CI/CD checks — and where Safeguard's approach differs from JFrog's Xray and Curation model.

May 28, 20268 min read
Application Security

Top SAST solutions compared for 2026

Comparing Safeguard and Mend.io on SAST scope, CI/CD fit, and compliance coverage—what's verifiable, what to test yourself, and how a unified platform changes the tradeoffs.

May 26, 20268 min read
Application Security

Cheat sheet: 10 Bitbucket security best practices

A concrete, numbers-first cheat sheet covering the 10 Bitbucket security settings that stop misconfigurations from becoming supply chain breaches.

May 23, 20266 min read
DevSecOps

Top 8 DevSecOps best practices

Log4Shell and the xz backdoor show why DevSecOps matters. Eight concrete practices — from reachability triage to auto-fix PRs — teams can implement now.

May 19, 20267 min read
DevSecOps

How to implement DevSecOps in 4 steps

A concrete, 4-step playbook for implementing DevSecOps — pipeline gating, SBOM generation, reachability-based triage, and auto-fix PRs.

May 19, 20267 min read
DevSecOps

DevSecOps automation: principles, frameworks, and tools

A practical breakdown of DevSecOps automation frameworks — principles, standards like NIST SSDF, and the tools that turn shift-left security into a repeatable pipeline.

May 19, 20268 min read
ci-cd-security (Page 6) — Safeguard Blog