Forensics
Safeguard articles tagged "Forensics" — guides, analysis, and best practices for software supply chain and application security.
6 articles
Package Registry Forensic Log Analysis
Extracting investigative signal from package registry logs — publish events, download patterns, and account activity — during a supply chain incident.
Build Server Compromise Investigation
A hands-on investigation guide for compromised build servers, from initial containment through rootkit checks and clean rebuild.
Dependency Compromise Timeline Reconstruction
How to rebuild a precise timeline after a dependency has been compromised, using lockfile history, registry metadata, and CI logs.
Supply Chain Incident Forensics Playbook
A practical, hour-by-hour forensics playbook for responding to software supply chain incidents, from first alert through root cause and disclosure.
Software Supply Chain Forensics: Investigation Techniques After a Compromise
When a supply chain compromise is confirmed or suspected, forensic investigation must trace the attack path through dependencies, build systems, and artifacts. This guide covers the methodology.
CI/CD Pipeline Audit Logging: What to Capture and Why
Your CI/CD pipeline is a high-value target. Without proper audit logging, you will not know when it has been compromised until it is too late.