enterprise-security
Safeguard articles tagged "enterprise-security" — guides, analysis, and best practices for software supply chain and application security.
25 articles
Local LLM Deployment: Enterprise Risks
Running LLMs on local hardware eliminates some risks and introduces others. A clear-eyed look at the enterprise risk profile of on-premise and on-device model deployments.
Why Systems Integrators Are Becoming Central to Enterpris...
As regulations like NIST SSDF, DORA, and the EU Cyber Resilience Act raise the bar, systems integrators are taking the lead role in enterprise AppSec rollouts.
SAP NetWeaver CVE-2025-31324: Unrestricted File Upload Zero-Day
A critical file upload vulnerability in SAP NetWeaver Visual Composer was exploited to deploy web shells on enterprise SAP systems. The flaw required no authentication and scored 10.0 on CVSS.
SBOM Adoption in 2024: Enterprise Survey Results and Reality Check
Despite growing regulatory pressure, enterprise SBOM adoption remains uneven. A look at where organizations actually stand with SBOM generation, consumption, and operationalization.
What Is SAML
SAML lets an identity provider vouch for you to other applications using signed XML assertions. Learn how it powers enterprise single sign-on and how it works.
Vulnerability Management at Enterprise Scale: What Actually Works
Managing vulnerabilities across thousands of applications and millions of dependencies requires fundamentally different approaches than what works for a single team. Here is what scales.
PyPI 2FA Enrollment: Enterprise Rollout
PyPI's 2FA mandate isn't just a personal-account concern anymore — enterprises publishing Python libraries have real rollout work to do. A playbook from the front lines.
Microsoft's Secure Supply Chain Practices
How Microsoft rebuilt its security posture after years of high-profile incidents, implementing supply chain controls that now protect one of the world's largest software ecosystems.
Google Assured Open Source Software: Curated Security for Enterprise Dependencies
Google's Assured OSS service provides enterprise-grade security guarantees for open source packages. It's a compelling model, but it raises questions about who controls the open source supply chain.
Artifactory Security Best Practices for Enterprise Teams
JFrog Artifactory is a universal artifact manager. Getting its security right requires understanding its permission model, Xray integration, and access token management.
Black Duck SCA: The Enterprise Stalwart of Open Source Security
A review of Synopsys Black Duck for software composition analysis, covering its strengths in license compliance, vulnerability detection, and enterprise governance.
Startup Security at Growth Stage: Building Enterprise-Grade Programs
Post-Series B, your startup is becoming an enterprise. Security programs that worked for 30 engineers will not work for 300. Here is how to build security that scales with your ambitions.