Safeguard
Tag

hardening

Safeguard articles tagged "hardening" — guides, analysis, and best practices for software supply chain and application security.

23 articles

DevSecOps

GitLab CI/CD Security Hardening for 2025

A practical hardening playbook for GitLab 17.8 covering runner isolation, OIDC federation, CI variable scoping, and protected branch enforcement.

Feb 20, 20255 min read
DevSecOps

Hardening GitLab vs GitHub Default Settings

GitLab and GitHub both ship with defaults that prioritize usability. A head-to-head on the specific hardening steps each platform needs before it is safe for enterprise use.

Dec 5, 20246 min read
DevSecOps

NuGet Private Feed Security Hardening

Private NuGet feeds sit in the blind spot of most security programs. The hardening work is not glamorous but the failure modes are expensive.

Jul 30, 20247 min read
Container Security

Rancher Cluster Security Hardening

Rancher is the distribution that runs when your Kubernetes is neither EKS nor OpenShift. Hardening it well is specific work.

Jul 30, 20247 min read
DevSecOps

JFrog Artifactory Hardening Guide

Artifactory is the most common artifact repository in enterprise. It is also a default-permissive system where misconfigurations compound. A concrete hardening guide.

Dec 14, 20236 min read
Infrastructure Security

Apache Web Server Hardening Guide for Production Environments

Apache httpd still serves millions of websites. Its default configuration exposes information, accepts weak TLS, and enables features you probably do not need.

Nov 12, 20235 min read
Software Supply Chain Security

Post-Breach Supply Chain Hardening: Lessons from Real Incidents

After a supply chain breach, the remediation window is your best opportunity to implement controls that should have existed before the incident. This guide covers what to harden and in what order.

Apr 22, 20237 min read
Infrastructure Security

Nexus Repository Security Hardening: Beyond the Defaults

Sonatype Nexus is everywhere. Its default configuration is permissive. Here is how to lock it down for enterprise use.

Jan 12, 20236 min read
Best Practices

Container Image Hardening Checklist

A comprehensive checklist for hardening your container images, from base image selection to runtime protections, with practical Dockerfile examples.

Jan 12, 20236 min read
Application Security

Security Misconfiguration Checklist: The Low-Hanging Fruit Attackers Love

Misconfigurations are the easiest vulnerabilities to find and exploit. Here is a practical checklist for web servers, frameworks, cloud services, and databases.

Sep 8, 20226 min read
DevSecOps

Securing GitHub Actions: Hardening Your CI/CD Supply Chain

GitHub Actions is a powerful CI/CD platform — and a significant attack surface. Here's how to lock it down against supply chain threats.

Aug 15, 20226 min read
hardening (Page 2) — Safeguard Blog