Safeguard
Tag

devsecops

Safeguard articles tagged "devsecops" — guides, analysis, and best practices for software supply chain and application security.

706 articles

Software Supply Chain Security

How to implement software supply chain security with SLSA

A step-by-step guide to implement SLSA supply chain security: map risk, generate signed provenance, and enforce verification before deploy.

Feb 17, 20268 min read
Cloud Security

How to set up AWS CloudTrail logging

A step-by-step guide to setting up AWS CloudTrail logging, enabling it across all regions, validating log integrity, and building a solid audit logging setup.

Feb 16, 20267 min read
Application Security

How to set up secrets scanning in git repositories

A step-by-step guide to secrets scanning in git repositories using gitleaks and trufflehog, covering pre-commit hooks, CI enforcement, and history audits.

Feb 16, 20267 min read
Open Source Security

How to set up software composition analysis (SCA)

A practical, step-by-step guide to setting up software composition analysis: choosing a tool, setting policy, and integrating scans into CI/CD.

Feb 15, 20267 min read
Container Security

How to configure Falco for runtime security monitoring

A practical walkthrough to configure Falco runtime security in Kubernetes: install, customize rules, route alerts, tune noise, and verify detection end-to-end.

Feb 14, 20268 min read
DevSecOps

Supply Chain Security KPIs for Engineering Leaders

If you cannot measure your supply chain security posture, you cannot invest in it. Here are the KPIs that separate real programs from the theater.

Feb 14, 20267 min read
Cloud Security

How to set up AWS Secrets Manager with automatic rotation

A practical guide to setting up AWS Secrets Manager with automatic rotation via Lambda, including verification steps and a comparison to Parameter Store.

Feb 14, 20267 min read
Infrastructure Security

How to harden a Linux server

A step-by-step guide to harden Linux server security: SSH hardening, firewalls, patching, CIS benchmark alignment, and verification for production systems.

Feb 13, 20268 min read
Infrastructure Security

How to scan Terraform for misconfigurations with Checkov

A hands-on guide to running Checkov against Terraform, triaging findings, writing custom policies, and blocking IaC misconfigurations before they merge.

Feb 13, 20269 min read
Best Practices

Renovate Bot Configuration Recipes for 2026

Renovate is the more powerful dependency-update bot, and its config surface is large. Here are the recipes worth knowing and the defaults worth overriding.

Feb 12, 20266 min read
Containers

Best Container Security Tools in 2026

Image scanners, runtime sensors, and Kubernetes posture tools each catch different failures. Here is how the leading options compare in 2026 — and how to pick a stack without buying three overlapping scanners.

Feb 12, 20266 min read
DevSecOps

DevOps Metrics That Security Teams Should Watch Too

Deploy frequency and lead time aren't just engineering KPIs — read alongside vulnerability data, they tell security teams exactly where risk is accumulating.

Feb 11, 20265 min read
devsecops (Page 32) — Safeguard Blog