incident-response
Safeguard articles tagged "incident-response" — guides, analysis, and best practices for software supply chain and application security.
95 articles
Security Incident Communication Guide
How to communicate during and after a security incident without making things worse. Templates, timelines, and principles for crisis communication.
Game Day Exercises for Supply Chain Incidents: Practicing Before the Real Thing
Game day exercises simulate supply chain attacks and failures, testing your team's response procedures before a real incident hits. Here is how to plan and run effective supply chain game days.
Post-Breach Supply Chain Hardening: Lessons from Real Incidents
After a supply chain breach, the remediation window is your best opportunity to implement controls that should have existed before the incident. This guide covers what to harden and in what order.
GitHub Private RSA Key Exposed in Public Repository
GitHub's accidental exposure of its private RSA SSH host key in a public repository forced an emergency rotation affecting millions of developers.
Incident Response Playbook for Supply Chain Attacks
Supply chain attacks break your standard IR playbook. The compromise originates outside your perimeter, affects trusted software, and the blast radius is unknown. Here's how to adapt.
Software Supply Chain Forensics: Investigation Techniques After a Compromise
When a supply chain compromise is confirmed or suspected, forensic investigation must trace the attack path through dependencies, build systems, and artifacts. This guide covers the methodology.
Vulnerability Coordination Across the Open Source Ecosystem
When a vulnerability affects a library used by thousands of projects, coordinating the fix is harder than writing the patch. The coordination problem is open source security's biggest operational challenge.
Business Continuity Planning for Supply Chain Attacks
When a critical dependency is compromised or disappears, can your business keep running? Most organizations haven't answered this question honestly.
The Log4Shell Response Playbook Six Months In
Six months after CVE-2021-44228 broke the internet, here is what worked, what didn't, and the response patterns security teams should keep as muscle memory.
Log4Shell Impact Assessment and Remediation Guide
You know Log4Shell is bad. Now here's how to find every instance in your environment and fix it — including the edge cases everyone misses.
Disaster Recovery Planning for Software Supply Chain Incidents
When a supply chain attack hits, your DR plan needs to cover more than just infrastructure failover. Here is how to prepare for the worst.