Safeguard
Tag

regulatory-compliance

Safeguard articles tagged "regulatory-compliance" — guides, analysis, and best practices for software supply chain and application security.

57 articles

Regulatory Compliance

Analysis of pickle file deserialization vulnerabilities i...

CVE-2025-32434 shows PyTorch's "safe" weights_only loading could still be bypassed for code execution — a pickle deserialization vulnerability with real supply-chain consequences.

Dec 15, 20258 min read
Regulatory Compliance

Overview of NIST's finalized post-quantum cryptography st...

NIST finalized FIPS 203, 204, and 205 in August 2024, formalizing the first NIST post-quantum standards. Here's what changes for software supply chain security teams.

Dec 14, 20257 min read
Regulatory Compliance

Building an AI governance framework for enterprise risk m...

A practical breakdown of what an AI governance framework needs to contain in 2026 — from NIST's AI RMF to EU AI Act deadlines — and how to build one that scales with engineering velocity.

Dec 6, 20257 min read
Regulatory Compliance

License and Regulatory Risk in Open Source Components

Redis, HashiCorp, and Elastic all re-licensed core projects since 2021, and new rules like the EU Cyber Resilience Act now make license and SBOM gaps a regulatory problem.

Nov 2, 20258 min read
Regulatory Compliance

Insecure Default Configurations in Applications and Frame...

Insecure default configurations caused the 2016 MongoDB ransom wave, the 2018 Tesla Kubernetes breach, and countless audit failures. Here's why defaults stay dangerous and how to fix it.

Oct 29, 20257 min read
Regulatory Compliance

SQL Injection Prevention in C# with Entity Framework/LINQ

EF Core's LINQ layer parameterizes queries by default, but FromSqlRaw, ExecuteSqlRaw, and dynamic sort columns still open real SQL injection risk in .NET apps.

Oct 26, 20258 min read
Regulatory Compliance

Governance Frameworks Emerging for AI-Assisted Software D...

NIST, ISO 42001, and the EU AI Act now shape how teams must govern AI-generated code. Here's what an AI code governance framework actually requires in practice.

Aug 6, 20258 min read
SBOM

Regulatory Pressure and the Uneven Global Adoption of SBOMs

SBOM mandates now span the US, EU, and Japan, but each uses different formats, deadlines, and penalties. Here's how the patchwork actually works.

Jul 29, 20258 min read
Regulatory Compliance

Fintech Software Supply Chain Regulatory Map

A practical tour through the tangle of regulations, supervisory letters, and industry standards that now govern how fintech firms build, buy, and operate software.

Mar 5, 20247 min read
regulatory-compliance (Page 5) — Safeguard Blog