Safeguard
Tag

compliance

Safeguard articles tagged "compliance" — guides, analysis, and best practices for software supply chain and application security.

435 articles

SBOM

SBOM automation from creation to scanning & analysis

SBOM generation alone isn't enough. See how continuous SBOM automation — from creation to scanning and analysis — closes the gaps left by point-in-time tools.

Mar 29, 20267 min read
Industry Analysis

What is Software Supply Chain Security (SSCS)?

SolarWinds, Log4Shell, and the XZ Utils backdoor show why supply chain security now means more than SBOMs. Here's what SSCS actually covers—and where Anchore's approach falls short.

Mar 27, 20267 min read
Compliance

India DPDP Act Software Security Implications 2026

A senior engineer's view of the Digital Personal Data Protection Act in 2026: security safeguards, significant data fiduciaries, breach notification, and software controls that actually comply.

Mar 26, 20268 min read
Industry Analysis

Medical Device FDA Supply Chain Cybersecurity 2026

FDA expects supply chain cybersecurity evidence at premarket and through the device lifecycle. Here is what to deliver in 2026 without delaying clearance.

Mar 25, 20266 min read
Compliance

Vulnerability management under the EU Cyber Resilience Ac...

The EU Cyber Resilience Act sets hard deadlines for vulnerability reporting and SBOMs. Here's what changes, when, and how Safeguard stacks up against Anchore.

Mar 25, 20267 min read
Compliance

EU CRA SBOM requirements overview and compliance tips

The EU Cyber Resilience Act makes SBOMs mandatory for connected products by December 2027. Here is what CRA compliance actually requires, and how to prepare.

Mar 25, 20267 min read
Compliance

NIST 800-37 Risk Management Framework explained in plain ...

NIST 800-37's seven-step Risk Management Framework explained in plain English: who must comply, how it ties to FedRAMP and SSDF, and where teams stall.

Mar 25, 20267 min read
Regulatory Compliance

FedRAMP Continuous Monitoring: Supply Chain Controls

FedRAMP's continuous monitoring requirements now include supply chain risk. Learn how to produce monthly evidence aligned with NIST SP 800-161 controls.

Mar 24, 20266 min read
Regulatory Compliance

NYDFS 500 Software Supply Chain Implications

A senior engineer's view of how NYDFS Part 500 amendments through 2025 and 2026 reshape software supply chain expectations for regulated financial institutions.

Mar 24, 20267 min read
SBOM & Compliance

SBOM Quality: Fields Auditors Actually Check

Auditors do not score SBOMs on file count. They check a small set of fields that prove the artefact is real, current, and tied to a verifiable build. Here are the ones that matter.

Mar 24, 20266 min read
Compliance

NIST 800-53 security and privacy controls overview

A breakdown of NIST 800-53 Rev 5's control families, SBOM and supply-chain requirements, and why scanning tools like Anchore cover only a narrow slice of what compliance demands.

Mar 24, 20267 min read
Compliance

UK PSTI Act Consumer IoT: Year-One Review

The UK PSTI Act's first year of enforcement reveals how consumer IoT vendors are struggling with minimum security requirements, password rules, and disclosure policies.

Mar 24, 20267 min read
compliance (Page 16) — Safeguard Blog