red-team
Safeguard articles tagged "red-team" — guides, analysis, and best practices for software supply chain and application security.
11 articles
Red team vs. blue team fundamentals: how to structure the exercise
MITRE ATT&CK went public in May 2015 to give red and blue teams a shared language — most organizations still run the two in total isolation.
Safeguard Expands Into a Unified, AI-Native Defensive Security Platform
Safeguard is growing from a posture and findings platform into a first-party detection and prevention platform — first-party AppSec, defensive red-teaming, AI security, data security, runtime/CNAPP, and a supply-chain package firewall — all feeding one prioritized findings model.
Red Team vs Blue Team: What's the Difference?
The red team plays the attacker, probing for ways in. The blue team plays the defender, detecting and stopping them. One breaks; the other protects.
LLM Jailbreak Defense Architectures in 2026
Jailbreaks against frontier models keep getting more sophisticated. The defense architectures that have proven durable, and the ones that get bypassed in weeks.
Enterprise AI Red Team Program Design
AI red teaming is not a one-off exercise. Programmatic red-teaming of AI systems requires specific structure — and most organisations don't have it yet.
LLM Jailbreak as a Supply Chain Risk in 2026
A jailbreak in a model you ship downstream is a supply chain incident, not a trivia item. Here is how to reason about it and where the defensive controls belong.
DORA TLPT RTS: What the Threat-Led Penetration Testing Standard Requires
The Commission published the DORA TLPT RTS on 18 June 2025 with direct effect from 8 July 2025. Tests are mandated every three years, aligned to TIBER-EU methodology.
Red Team Supply Chain Attack Simulation
How red teams can simulate real-world supply chain attacks to test organizational defenses—from dependency confusion to build pipeline compromise.
Purple Team Exercises for Supply Chain Security
Purple team exercises combine offensive and defensive perspectives to test supply chain defenses. Here is how to structure exercises that improve both detection capabilities and attack understanding.
Vulnerability Chaining: Real-World Examples and Defense Strategies
Individual vulnerabilities rarely tell the full story. This deep dive examines how attackers chain low-severity bugs into devastating exploits and how defenders can break the chain.
Penetration Testing the Software Supply Chain
Traditional pentests focus on the application. Supply chain pentesting targets the build pipeline, dependency resolution, and distribution mechanisms. Here is how to approach it.