industry-analysis
Safeguard articles tagged "industry-analysis" — guides, analysis, and best practices for software supply chain and application security.
85 articles
Inside the Agentic Development Supply Chain Report
Safeguard's research team analyzed 42,000+ repositories with agentic commit activity, finding new dependency, MCP server, and SBOM gaps introduced by AI coding agents.
AI Agent Security: 6 Risks Beyond Traditional Controls
Gartner projects a third of enterprise apps will run agentic AI by 2028. Here are six AI agent security risks traditional controls miss.
The Hidden Cost of AI Code in Financial Services
Banks and fintechs are shipping AI-generated code faster than they can vet it. The bill for that speed is starting to come due.
Executive Guide to Operationalizing AI Governance
A 2026 look at why AI governance policies keep failing in practice—and the five-pillar operating model executives are using to fix it.
Agent Security Buyer's Guide Overview
As AI agents gain production write-access across the enterprise, security teams need a rigorous buyer's guide to separate real agent security platforms from repackaged AppSec dashboards.
Third-party risk management for telehealth platforms
A six-step playbook for telehealth vendor risk management: inventory PHI flows, tier HIPAA business associate risk, run SCA on vendor SDKs, and monitor continuously.
Third-party risk management for telecom equipment vendors
A practical playbook for vetting telecom equipment vendors: supply chain checks, hardware/software audits, and procurement security controls.
10 Predictions for Software Supply Chain Security in 2026
From AI-generated SBOMs to regulatory enforcement and the death of CVSS-only triage, here is what the software security landscape will look like in 2026.
The 2025 Software Supply Chain Security Report: Summary
The 2025 annual SSCS report lands into a changed landscape. Key findings, trend lines, and what the numbers actually imply for 2026 planning.
Software Supply Chain Security in 2025: The Year in Review
From the CVE program funding crisis to the rise of AI-targeted supply chain attacks, 2025 reshaped the software security landscape. A comprehensive look at the year's defining events and trends.
Introduction to confidential computing and hardware-based...
Confidential computing seals data in use inside hardware-encrypted enclaves, closing the last gap in the encrypt-everywhere model. Here's how it works.
How trusted execution environments protect sensitive work...
Trusted execution environments promise hardware-isolated security for sensitive workloads, but real-world attacks show the TEE model has limits Safeguard helps you manage.