Safeguard
Tag

devsecops

Safeguard articles tagged "devsecops" — guides, analysis, and best practices for software supply chain and application security.

706 articles

Application Security

Attack Surface Management (ASM): best practices guide

A practical attack surface management best practices guide for software supply chains, covering SBOMs, base image hardening, CI/CD exposure, and a 90-day rollout plan.

Apr 4, 20268 min read
Software Supply Chain Security

Managing risk in the software supply chain

Chainguard hardens base images, but that's one slice of supply chain risk. Here's what SolarWinds, Log4Shell, and XZ Utils reveal about the gaps — and how to close them.

Apr 3, 20268 min read
DevSecOps

Security automation: stop chasing vulnerabilities, start ...

Chasing CVEs doesn't scale — 40,000+ vulnerabilities were logged in 2024 alone. Here's why prevention-first automation beats patch-cycle chasing, and how it differs from Chainguard's approach.

Apr 3, 20267 min read
DevSecOps

Integrating Security Into the DevSecOps Toolchain

Integrating security into the DevSecOps toolchain works when scanning is wired into the tools engineers already use, not bolted on as a separate gate at the end.

Apr 2, 20265 min read
Open Source Security

Types of Open Source Licenses

A breakdown of permissive, copyleft, and source-available license types—MIT, GPL, AGPL, SSPL—and why misclassified licenses create hidden supply chain risk.

Apr 2, 20267 min read
AI Security

How DevOps Teams Actually Use AI Today

How can a DevOps team take advantage of artificial intelligence without adding risk? Mostly by pointing it at toil — log triage, test generation, and incident summarization — not by handing it the keys to production.

Apr 2, 20265 min read
Vulnerability Management

Vulnerability management for the modern engineering team

A vulnerability management program for engineering teams needs more than zero-CVE base images. Here's how Safeguard closes the gaps Chainguard leaves open.

Apr 2, 20267 min read
DevSecOps

CLI Tool Design For Developer Security Checks

A security CLI lives or dies on the experience of typing it. A design guide for building security tooling that respects the developer's terminal.

Mar 30, 20268 min read
SBOM

SBOM automation from creation to scanning & analysis

SBOM generation alone isn't enough. See how continuous SBOM automation — from creation to scanning and analysis — closes the gaps left by point-in-time tools.

Mar 29, 20267 min read
SBOM

Tackling SBOM sprawl across an organization

SBOM generation has outpaced SBOM management. Here's why sprawl happens, what it costs in incident response and audits, and how to consolidate it for good.

Mar 28, 20268 min read
SBOM

SBOM GitHub Action / dropping SBOM tooling into CI workflows

Adding an SBOM GitHub Action like Anchore's is easy; making the output useful isn't. Here's what breaks in real CI pipelines and how to fix it.

Mar 28, 20268 min read
Container Security

What is Container Security? (definition, lifecycle, threats)

Container security spans build, ship, and runtime: scanning, SBOMs, Kubernetes hardening, and runtime detection. How it works, and where Anchore leaves gaps.

Mar 28, 20268 min read
devsecops (Page 24) — Safeguard Blog