Safeguard
Tag

defense-in-depth

Safeguard articles tagged "defense-in-depth" — guides, analysis, and best practices for software supply chain and application security.

9 articles

Best Practices

Defense-in-depth for a modern cloud-native application stack

Log4Shell and the XZ backdoor were caught two different ways — one by patching, one by a developer noticing 500ms of extra SSH latency. Neither alone is a strategy.

Jul 8, 20266 min read
Concepts

What Is Defense in Depth in Security?

Defense in depth is a layered security strategy that assumes any single control will eventually fail, so it stacks independent safeguards to slow and stop attackers. Here's how the model works and how it maps to the software supply chain.

Jul 2, 20266 min read
AI Security

Prompt-injection vectors specific to MCP servers and how to layer defenses

MCP servers expose three distinct prompt-injection surfaces — resource contents, tool outputs, and sampling requests — and each one needs its own defense layer. Here is how to think about them together.

May 12, 20268 min read
Concepts

What Is a Security Control?

A security control is a safeguard that prevents, detects, or responds to threats to reduce risk. Learn the types, categories, and how frameworks organize them.

Apr 9, 20266 min read
Concepts

What Is Security Hardening?

Security hardening reduces a system's attack surface by removing what it does not need and configuring the rest safely. Learn the principles, benchmarks, and how to apply it.

Feb 27, 20265 min read
AI Security

Prompt Injection Defense Architectures in 2026

Prompt injection remains the LLM01 entry on the OWASP LLM Top 10 for a reason. A pragmatic look at the defense architectures that hold up in production this year.

Feb 11, 20265 min read
Best Practices

What is Defense in Depth

Defense in depth stacks independent security layers—source, build, dependencies, artifacts, runtime—so no single failure causes a breach.

Jan 27, 20267 min read
Application Security

WAF Bypass Techniques and What They Mean for Supply Chain Security

Web Application Firewalls are a critical defense layer, but they are routinely bypassed. Understanding bypass techniques helps you build defense in depth rather than relying on a single control.

Dec 8, 20236 min read
Security Architecture

Defense in Depth for the Software Supply Chain

No single control stops supply chain attacks. Defense in depth — layered controls across the entire software lifecycle — is the only strategy that works against sophisticated adversaries.

Feb 15, 20235 min read
defense-in-depth — Safeguard Blog