Safeguard
Tag

rust

Safeguard articles tagged "rust" — guides, analysis, and best practices for software supply chain and application security.

39 articles

Application Security

Tauri Desktop App Security Model: What Developers Need to Know

Tauri offers a fundamentally different security model than Electron for desktop applications. Understanding its permission system, IPC boundaries, and supply chain implications is critical.

Jun 5, 20247 min read
Open Source Security

Rust no_std Supply Chain Considerations

Writing Rust for embedded or kernel targets drops you into no_std territory, and the supply chain rules are different there. A practical look at what changes and why.

May 15, 20247 min read
Open Source Security

cargo audit vs cargo deny

A practical head-to-head between cargo-audit 0.21 and cargo-deny 0.16 based on six months of running both in production CI pipelines.

Apr 5, 20246 min read
Open Source Security

Rust Build Scripts: A Supply Chain Risk Profile

Why build.rs is the highest-leverage attack surface in the Rust ecosystem, with concrete examples from 2023 and 2024 incidents.

Mar 20, 20246 min read
Software Supply Chain Security

Crates.io Security Audit Results: The State of Rust Package Security

Security audits of the Rust crate ecosystem reveal patterns of unsafe code, build script risks, and supply chain vulnerabilities. Here is what the data shows.

Mar 5, 20246 min read
Compliance & Frameworks

CISA's Memory-Safe Languages Roadmap: What It Means for Software Development

CISA publishes a roadmap urging the industry to transition to memory-safe programming languages, targeting the root cause of roughly 70% of critical vulnerabilities.

Feb 26, 20246 min read
Dependency Security

Rust Cargo Dependency Security Guide

How to secure your Rust supply chain with Cargo.lock, crate auditing, and build script controls.

Nov 10, 20235 min read
Case Studies

Cloudflare's Supply Chain Security Model

How Cloudflare secures the software supply chain for infrastructure that sits between the internet and millions of websites, with lessons on Rust adoption and edge computing security.

Nov 5, 20237 min read
Software Supply Chain Security

Cargo Build Script Security: What build.rs Can Do to Your Machine

Rust build scripts run arbitrary code during compilation. Here is what they can access and how to evaluate the risk in your dependency tree.

Dec 8, 20224 min read
Software Supply Chain Security

Rust Adoption in Security-Critical Software: Where We Stand

Rust promises memory safety without garbage collection. Here is an honest look at where adoption stands and what it means for supply chain security.

Nov 12, 20226 min read
Open Source Security

Rust Supply Chain Security: How crates.io Stacks Up Against npm and PyPI

Rust's crates.io registry has design advantages for supply chain security, but it's not immune. Here's an honest assessment of the Rust ecosystem.

Sep 8, 20226 min read
Secure Development

Clippy Rust Security Lints: Catching What the Borrow Checker Misses

Rust's compiler catches memory safety bugs. Clippy catches everything else -- including security anti-patterns the borrow checker does not care about.

Jul 22, 20225 min read
rust (Page 3) — Safeguard Blog