Safeguard
Tag

observability

Safeguard articles tagged "observability" — guides, analysis, and best practices for software supply chain and application security.

15 articles

DevSecOps

Piping security findings into your observability stack

OCSF just cleared ITU review for ratification by June 2026 — here's how to route vulnerability and scan data into Datadog or New Relic without drowning your on-call rotation.

Jul 12, 20266 min read
Concepts

What Is Security Logging?

Security logging records security-relevant events so activity can be monitored, investigated, and audited. Learn what to log, how it works, and the common pitfalls.

May 21, 20266 min read
Vulnerability Management

Linguistic Lumberjack: lessons from Fluent Bit CVE-2024-4323

Tenable's Linguistic Lumberjack flaw in Fluent Bit's monitoring API was a heap corruption with a wide blast radius because observability sidecars are everywhere and rarely inventoried.

May 13, 20266 min read
AI Security

LLM Traces and Evals: The Missing Layer in AI Supply Chain Security

Prompt traces and offline evals are standard hygiene for ML teams, but almost nobody treats them as supply chain telemetry. They should be. Here's how traces and evals plug into SBOM and reachability as a fourth security signal.

Apr 8, 20267 min read
Container Security

Kubernetes Monitoring Guide

A practical Kubernetes monitoring guide: what to track across nodes, control plane, and workloads, the tools teams use, and where monitoring alone misses supply chain risk.

Mar 19, 20266 min read
Buyer's Guides

Best software supply chain observability tools

A practical, no-hype buyer's guide to software supply chain observability tools -- evaluation criteria, an honest roundup of six real vendors, and where Safeguard fits.

Nov 4, 20258 min read
Containers

cAdvisor: Container Resource Monitoring, Explained

cAdvisor gives you per-container CPU, memory, network, and filesystem metrics out of the box — here's what it actually measures, how it fits with Prometheus and Kubernetes, and where its limits show up.

Mar 18, 20255 min read
Industry Analysis

Azure Monitor for Supply Chain Observability

Supply chain observability in Azure is not missing telemetry — it is missing the right queries. A walk through the Azure Monitor data sources that actually answer the hard questions.

Nov 22, 20248 min read
Industry Analysis

Grafana Loki for Build Pipeline Logs: Patterns That Scale

Design a Loki-based log pipeline for CI/CD observability and supply chain forensics. Labels, retention, LogQL patterns, and cost discipline from the field.

Nov 12, 20247 min read
Industry Analysis

Datadog Security for Supply Chain Monitoring

Using Datadog's Cloud SIEM, ASM, and logs pipeline to monitor software supply chain threats across CI/CD, registries, and runtime.

Sep 8, 20247 min read
Industry Analysis

New Relic Security: Building a Supply Chain View

How to extend New Relic's APM and Vulnerability Management features into a working software supply chain dashboard for security and platform teams.

Aug 15, 20247 min read
Industry Analysis

Sumo Logic for Supply Chain Observability: A Practitioner's Guide

Architect Sumo Logic dashboards, queries, and anomaly detection for software supply chain visibility across SCM, CI/CD, registries, and cloud runtime.

May 22, 20247 min read
observability — Safeguard Blog