Safeguard
Tag

patching

Safeguard articles tagged "patching" — guides, analysis, and best practices for software supply chain and application security.

8 articles

Best Practices

Renovate Bot Configuration Recipes for 2026

Renovate is the more powerful dependency-update bot, and its config surface is large. Here are the recipes worth knowing and the defaults worth overriding.

Feb 12, 20266 min read
Best Practices

Dependabot Security Update Policies for 2026

A pragmatic guide to configuring Dependabot for security updates: which knobs matter, which defaults are wrong, and how to avoid drowning teams in PRs.

Feb 3, 20266 min read
Security

nginx 1.22.1 Vulnerabilities: What Actually Affects You

Worried about nginx 1.22.1 vulnerabilities? Here is what genuinely affects this release, what does not, and how to decide whether you need to upgrade.

Sep 9, 20255 min read
Security

Is There an Nginx 1.18.0 Exploit? What the Known CVEs Actually Mean

Nginx 1.18.0 is an unmaintained stable release with real CVEs against it. Here is which flaws are genuinely exploitable, which need specific config, and how to upgrade.

May 27, 20255 min read
Security

The Java Developer Kit Explained: Security Risks and How to Harden Your JDK

The Java Developer Kit is more than a compiler and runtime. Here is how to treat the JDK as part of your attack surface and keep it patched.

Mar 11, 20256 min read
Security

CVE-2023-5363 Explained: The OpenSSL Key and IV Length Flaw

CVE-2023-5363 is an OpenSSL bug where key and IV length parameters get processed too late, risking confidentiality in GCM, CCM and OCB modes. Here is who is affected and how to fix it.

Feb 11, 20255 min read
Vulnerability Management

Mean Time to Remediation Benchmarks: How Fast Should You Be Patching?

MTTR is the most important vulnerability management metric. But what is a good MTTR? Industry benchmarks, realistic targets, and strategies for improvement.

Jul 12, 20245 min read
Incident Response

Log4Shell Impact Assessment and Remediation Guide

You know Log4Shell is bad. Now here's how to find every instance in your environment and fix it — including the edge cases everyone misses.

Dec 15, 20215 min read
patching — Safeguard Blog