Safeguard
Tag

infrastructure-security

Safeguard articles tagged "infrastructure-security" — guides, analysis, and best practices for software supply chain and application security.

27 articles

Infrastructure Security

What is Configuration Drift

Configuration drift silently pulls live systems away from their secure baseline — and it's behind some of the largest cloud data exposures on record.

Mar 11, 20267 min read
Infrastructure Security

What is GitOps Security

GitOps turns your Git repo into the source of truth for production, so one bad commit or stolen credential can mean a full cluster takeover.

Mar 11, 20267 min read
Infrastructure Security

Public key infrastructure (PKI)

What is PKI? A precise breakdown of public key infrastructure, the PKI certificate chain, root and intermediate CAs, and how trust hierarchies can break.

Feb 27, 20267 min read
Infrastructure Security

How to harden a Linux server

A step-by-step guide to harden Linux server security: SSH hardening, firewalls, patching, CIS benchmark alignment, and verification for production systems.

Feb 13, 20268 min read
Infrastructure Security

How to scan Terraform for misconfigurations with Checkov

A hands-on guide to running Checkov against Terraform, triaging findings, writing custom policies, and blocking IaC misconfigurations before they merge.

Feb 13, 20269 min read
Infrastructure Security

How to encrypt a Terraform state file

A step-by-step guide to encrypting a Terraform state file using an S3 backend, KMS keys, and IAM controls to keep infrastructure secrets safe.

Feb 13, 20267 min read
Industry Analysis

How to configure DNSSEC

A practical, command-by-command guide to configure DNSSEC on managed and self-hosted DNS, verify the chain of trust, and prevent DNS spoofing across your supply chain.

Feb 8, 20267 min read
Cloud Security

Securing ML Model Serving Infrastructure

Model serving infrastructure is a growing attack surface that most security teams overlook. From model poisoning to inference API abuse, here are the risks and how to address them.

Jul 10, 20246 min read
Infrastructure Security

Message Queue Security: Hardening Kafka, RabbitMQ, and Event Brokers

Message queues are the nervous system of modern architectures. A compromised broker can intercept, modify, or inject messages across your entire system. Here is how to lock them down.

May 25, 20245 min read
Infrastructure Security

Load Balancer Security Considerations for Modern Architectures

Load balancers terminate TLS, distribute traffic, and make routing decisions. Their security configuration affects every service behind them.

Jul 12, 20236 min read
DevSecOps

SSH Key Management for Organizations: Beyond the Basics

SSH keys provide access to your most critical infrastructure. Most organizations manage them poorly. Here is how to do it right.

Jul 8, 20234 min read
Infrastructure Security

DNS Security and Software Distribution: The Foundation Nobody Secures

Every software download, package install, and API call starts with a DNS query. DNS compromise redirects your supply chain at the most fundamental level — and most organizations have no visibility.

Jun 15, 20235 min read
infrastructure-security (Page 2) — Safeguard Blog