Safeguard
Tag

osv

Safeguard articles tagged "osv" — guides, analysis, and best practices for software supply chain and application security.

9 articles

Supply Chain Security

Enriching SBOMs with Vulnerability and License Metadata

A base SBOM only lists what's in your build — OSV.dev, EPSS, and OpenSSF Scorecard turn that inventory into a prioritized risk decision.

Jul 8, 20267 min read
Vulnerability Analysis

GHSA vs CVE vs OSV: comparing vulnerability identifier formats

A plain-language breakdown of CVE, GHSA, and OSV vulnerability identifiers, who assigns them, how they differ, and why one flaw can carry three IDs.

Apr 30, 20267 min read
Open Source Security

Open Source Vulnerability Database Comparison 2026

Comparing the major open source vulnerability databases in 2026: NVD, OSV, GHSA, GitLab Advisory, and ecosystem-specific feeds measured on coverage and freshness.

Mar 22, 20265 min read
Open Source Security

The OSV Vulnerability Database API Cookbook

Practical patterns for using the OSV.dev API in production: batch queries, schema gotchas, version range parsing, and how to integrate OSV data into your own vulnerability pipelines.

Mar 2, 20265 min read
Tools

Renovate 2026: Security-Only Mode and OSV Alerts Tested

Renovate's 2026 security presets, OSV-based vulnerability alerts, and 14-day minimum release age combine into a defensible auto-update posture. We tested it on a 240-repo org.

Jan 29, 20267 min read
Vulnerability Analysis

What is a Vulnerability Database

CVE, NVD, OSV, GHSA, KEV — vulnerability databases power every scanner's severity score. Here's how they're built, enriched, and where they fall short.

Jan 20, 20266 min read
Vulnerability Management

Open Source Vulnerability Databases Compared: NVD, OSV, GitHub Advisory, and More

Not all vulnerability databases are created equal. A detailed comparison of coverage, timeliness, accuracy, and practical usability across the major databases.

Oct 22, 20256 min read
Concepts

What Is OSV (Open Source Vulnerabilities)?

OSV is an open, ecosystem-native vulnerability database that expresses affected versions in precise, machine-matchable ranges. Here is how it works and why scanners rely on it.

Oct 21, 20256 min read
Vulnerability Management

OSV Schema: The Open Source Vulnerability Database Format Explained

OSV provides a standardized format for vulnerability data that is purpose-built for open-source ecosystems. Here is how it works and why it is better than NVD for dependency scanning.

Aug 5, 20237 min read
osv — Safeguard Blog