government
Safeguard articles tagged "government" — guides, analysis, and best practices for software supply chain and application security.
21 articles
NATO Software Supply Chain Cooperation Update
NATO allies are converging on shared software supply chain expectations for defense procurement. Here is what the cooperation looks like and how to prepare.
Government AI Procurement Supply Chain Overlap
Government AI procurement rules are colliding with software supply chain requirements. Here is how to navigate the overlap without doubling the workload.
Federal Software Procurement and SBOM Requirements: A Vendor's Playbook
If you sell software to the US government, SBOM requirements are now non-negotiable. Here's a practical playbook for compliance.
CISA's Software Identification Ecosystem: What You Need to Know
CISA is building a comprehensive software identification ecosystem that ties SBOMs, vulnerabilities, and procurement together. Here is what it means for software producers and consumers.
FedRAMP 20x KSIs: Compliance as Machine-Readable Evidence
FedRAMP 20x, launched March 2025, replaces document-heavy authorization with 56-61 Key Security Indicators submitted as OSCAL. Here is what cloud providers must actually automate.
Rhysida Ransomware: Systematic Targeting of Government and Critical Infrastructure
Rhysida ransomware distinguished itself through deliberate targeting of government agencies, education institutions, and healthcare organizations across multiple countries.
Government Contractor SBOM Compliance: Meeting Federal Requirements
Federal agencies are mandating SBOMs from their software suppliers. If you sell software to the government, here's what compliance looks like.
Supply Chain Security for Government Agencies
Government agencies face unique software supply chain threats. Here's how federal and state organizations can protect critical infrastructure from compromise.
CISA SBOM Guidance: What Government Agencies Need to Know
CISA's evolving SBOM requirements are reshaping how government agencies procure and manage software. Here's what the guidance says and how to operationalize it.