Safeguard
Tag

devsecops

Safeguard articles tagged "devsecops" — guides, analysis, and best practices for software supply chain and application security.

706 articles

DevSecOps

Using GCP Workload Identity Federation for keyless CI/CD ...

GCP Workload Identity Federation lets CI/CD pipelines authenticate with short-lived tokens instead of service account keys. Here's how it works and how to migrate.

Jan 12, 20267 min read
Cloud Security

Automating secret rotation in Google Cloud Secret Manager

A practical guide to automating GCP Secret Manager rotation—covering versioning, Cloud Functions, Cloud Scheduler, and rotating database credentials safely.

Jan 12, 20268 min read
Cloud Security

Best practices for managing encryption keys with Google C...

A step-by-step guide to Cloud KMS best practices: key hierarchy, IAM scoping, envelope encryption, automated rotation, HSM protection levels, and audit logging.

Jan 11, 20268 min read
DevSecOps

Securing Cloud Build pipelines and generating SLSA proven...

How to secure Cloud Build supply chain security with least-privilege service accounts and SLSA provenance so tampered builds never reach production.

Jan 10, 20267 min read
Industry Analysis

Managing secrets securely with OCI Vault

A step-by-step guide to OCI Vault secrets management: provisioning, rotation, IAM policies, pipeline integration, and best practices for securing credentials.

Jan 9, 20268 min read
Container Security

Scanning Oracle Cloud Infrastructure Registry images for ...

A step-by-step guide to OCIR vulnerability scanning: enabling OCI's Vulnerability Scanning Service, triggering push-time scans, triaging CVEs, and signing verified images.

Jan 9, 20268 min read
DevSecOps

Using OCI dynamic groups to authenticate CI/CD pipelines

A practical guide to eliminating static credentials in CI/CD using OCI dynamic groups, matching rules, and OCI DevOps service authentication instead of API keys.

Jan 7, 20268 min read
Container Security

Comparing container registry security features across maj...

A practical, no-fluff comparison of ECR vs ACR vs GAR vs OCIR on scanning depth, signing, IAM, and compliance — plus where Harbor fits and how Safeguard unifies them.

Jan 6, 20268 min read
Open Source Security

How to vet open source software before deployment in tele...

A seven-step process for vetting open source telecom core network components — SBOMs, signature verification, protocol fuzzing, and procurement sign-off — before they reach production.

Dec 24, 20257 min read
AI Security

Step-by-step guide to hardening and securing an MCP serve...

A practical, step-by-step guide to hardening and securing an MCP server deployment -- authentication, sandboxing, network policy, and monitoring included.

Dec 18, 20258 min read
AI Security

Comparing MCP security scanning and gateway products

A practical buyer's guide to MCP security gateways and scanners — evaluation criteria, honest strengths and gaps for real vendors, and where Safeguard fits.

Dec 17, 20258 min read
AI Security

Overview of AI model supply chain security risks end to end

A concrete, incident-driven walkthrough of AI supply chain security — from poisoned datasets and backdoored Hugging Face models to CI pipeline hijacks — and how to reduce the risk end to end.

Dec 17, 20258 min read
devsecops (Page 38) — Safeguard Blog