observability
Safeguard articles tagged "observability" — guides, analysis, and best practices for software supply chain and application security.
15 articles
Piping security findings into your observability stack
OCSF just cleared ITU review for ratification by June 2026 — here's how to route vulnerability and scan data into Datadog or New Relic without drowning your on-call rotation.
What Is Security Logging?
Security logging records security-relevant events so activity can be monitored, investigated, and audited. Learn what to log, how it works, and the common pitfalls.
Linguistic Lumberjack: lessons from Fluent Bit CVE-2024-4323
Tenable's Linguistic Lumberjack flaw in Fluent Bit's monitoring API was a heap corruption with a wide blast radius because observability sidecars are everywhere and rarely inventoried.
LLM Traces and Evals: The Missing Layer in AI Supply Chain Security
Prompt traces and offline evals are standard hygiene for ML teams, but almost nobody treats them as supply chain telemetry. They should be. Here's how traces and evals plug into SBOM and reachability as a fourth security signal.
Kubernetes Monitoring Guide
A practical Kubernetes monitoring guide: what to track across nodes, control plane, and workloads, the tools teams use, and where monitoring alone misses supply chain risk.
Best software supply chain observability tools
A practical, no-hype buyer's guide to software supply chain observability tools -- evaluation criteria, an honest roundup of six real vendors, and where Safeguard fits.
cAdvisor: Container Resource Monitoring, Explained
cAdvisor gives you per-container CPU, memory, network, and filesystem metrics out of the box — here's what it actually measures, how it fits with Prometheus and Kubernetes, and where its limits show up.
Azure Monitor for Supply Chain Observability
Supply chain observability in Azure is not missing telemetry — it is missing the right queries. A walk through the Azure Monitor data sources that actually answer the hard questions.
Grafana Loki for Build Pipeline Logs: Patterns That Scale
Design a Loki-based log pipeline for CI/CD observability and supply chain forensics. Labels, retention, LogQL patterns, and cost discipline from the field.
Datadog Security for Supply Chain Monitoring
Using Datadog's Cloud SIEM, ASM, and logs pipeline to monitor software supply chain threats across CI/CD, registries, and runtime.
New Relic Security: Building a Supply Chain View
How to extend New Relic's APM and Vulnerability Management features into a working software supply chain dashboard for security and platform teams.
Sumo Logic for Supply Chain Observability: A Practitioner's Guide
Architect Sumo Logic dashboards, queries, and anomaly detection for software supply chain visibility across SCM, CI/CD, registries, and cloud runtime.