Safeguard
Tag

research

Safeguard articles tagged "research" — guides, analysis, and best practices for software supply chain and application security.

9 articles

Supply Chain Attacks

Go Toolchain Supply Chain Risks: 2025 Research

2025 research on Go toolchain supply chain risks: module proxy abuse, replace directive attacks, cgo linker vectors, and the hardening patterns Go shops should adopt.

Apr 6, 20268 min read
AI Security

Fine-Tune Backdoor Insertion: Academic Research

A senior engineer's review of academic research on fine-tune backdoor insertion, from BadNets to sleeper agents, and how the findings translate to production ML.

Mar 28, 20267 min read
Industry Analysis

Nullcon Berlin 2026 Supply Chain Highlights

Nullcon Berlin 2026 delivered a dense European view of software supply chain research. Here are the themes and sessions that mattered most to defenders.

Mar 2, 20268 min read
Research

SBOM Quality Across Ecosystems: 2026 Report

The Safeguard Research team measured SBOM quality across ecosystems and generators. The gaps between formats, tools, and languages are larger than most teams assume.

Feb 26, 20268 min read
Research

Top 10 Riskiest Transitive Dependencies 2026

The Safeguard Research team built a risk index for transitive dependencies and ranked the ten categories that concentrate the most risk in modern stacks.

Feb 19, 20268 min read
Research

AI Code Assistant Package Hallucination Study

The Safeguard Research team measured how often AI coding assistants hallucinate non-existent packages, how sticky those hallucinations are, and what defenders should do.

Feb 12, 20267 min read
Research

Abandoned Dependency Risk Study

The Safeguard Research team measured how much abandonment exists in real dependency graphs, how it correlates with risk, and what to do about it.

Feb 5, 20267 min read
Research

Reachability Noise Reduction: Findings

The Safeguard Research team ran reachability analysis across a large corpus of real codebases. This is what we learned about which CVEs actually matter.

Jan 29, 20267 min read
Research

OSS Malware Trends Q1 2026 (Safeguard Research)

The Safeguard Research team analyzed first-quarter 2026 malicious package telemetry across npm, PyPI, RubyGems, and crates.io. Here is what the data shows.

Jan 22, 20267 min read
research — Safeguard Blog