gcp
Safeguard articles tagged "gcp" — guides, analysis, and best practices for software supply chain and application security.
39 articles
Building a Multi-Cloud Security Strategy That Actually Scales
A practical framework for securing AWS, Azure, and GCP together — the pillars, the provider differences that trip teams up, and how to unify controls with policy-as-code.
When the Cloud Pulls the Plug: The GCP Account Suspension That Took Railway Down (May 19, 2026)
On May 19, 2026, Google Cloud automatically suspended Railway's production account, taking down a platform fronting roughly 10 million services for about eight hours. The root cause was not a breach but a control-plane dependency and a provider action with no human in the loop.
GCP Cloud Functions and Cloud Run buildpacks: the third-party supply chain in 2026
Buildpack dependency surface plus Cloud Build's default service account creates a blast radius most teams underestimate. Here is what to harden in 2026.
GCP Binary Authorization Enforcement Runbook 2026
A practical 2026 runbook for enforcing GCP Binary Authorization in production, including attestation pipelines, break-glass procedures, and rollout sequencing.
AWS CodePipeline Supply Chain Defence 2026
AWS CodePipeline is where most AWS-native supply chain attacks land in 2026. This is the defence blueprint that actually works in production accounts.
Azure DevOps Pipeline Supply Chain Controls
Azure DevOps pipelines hold more production deploy power than any other system in many enterprises. The 2026 supply chain controls are not optional anymore.
GCP Cloud Build Supply Chain Defence
Cloud Build has the strongest native supply chain primitives of any major CI service. Most GCP shops are still not using them. This is the 2026 blueprint.
AWS ECR Image Signing With Cosign In Production
Cosign-signed images in ECR are no longer a side project. This is how to roll out signing across an AWS estate without breaking the deploy pipeline.
Azure ACR Trusted Images Policy Rollout
ACR's trusted images and notation signing combine into a deploy-time policy you can actually enforce. Here is how to roll it out without breaking AKS workloads.
GCP Binary Authorization Real-World Deployment
Binary Authorization works in production, but the rollout pattern is not obvious. This is the real-world deployment guide for 2026 GCP estates.
Multi-Cloud Supply Chain Control Plane
A multi-cloud estate needs a single control plane for supply chain policy. This is what one looks like across AWS, Azure, and GCP in production in 2026.
Cloud IAM And Supply Chain Overlap Mistakes
Cloud IAM and supply chain controls overlap in ways that confuse most teams. These are the 2026 mistakes that turn IAM gaps into supply chain incidents.