saas
Safeguard articles tagged "saas" — guides, analysis, and best practices for software supply chain and application security.
9 articles
Cloud Security Deployment: FAQ
How the multi-tenant and dedicated-VPC cloud deployments work: tenant isolation, data handling, key ownership, latency, and when cloud is the right choice versus self-hosting.
Software Supply Chain Security for SaaS
SaaS companies are a supply chain for everyone else, which is why the EU Cyber Resilience Act, NIS2, SOC 2, and DORA now push obligations onto them. Here is how to build a program that satisfies customers and regulators alike.
What Is the AGPL License? The Network Copyleft, Explained
The GNU Affero GPL closes the SaaS loophole: it extends copyleft to software used over a network. Here is what AGPLv3 requires, why companies treat it cautiously, and what it means for you.
Instructure Canvas Breach (May 2026): Up to 275M Records and a Quiet Settlement
ShinyHunters claimed 3.65 TB and 275 million records from Instructure's Canvas LMS across ~9,000 schools. Instructure confirmed names, emails, student IDs, and user messages were taken, then reportedly paid to make it stop.
SaaS Vendor's EU CRA Readiness Sprint
An anonymized account of how a mid-sized European SaaS vendor prepared for the EU Cyber Resilience Act using a focused 12-week Safeguard readiness sprint.
SOC 2 Type II for SaaS Startups in 2026
What a SOC 2 Type II audit actually requires in 2026, where supply chain controls now sit in the Trust Services Criteria, and how to scope a defensible first report.
CDK Global BlackSuit Ransomware: 15,000 Dealerships Offline for 2 Weeks
BlackSuit ransomware encrypted CDK Global's dealer-management cloud on June 18-19, 2024, crippling roughly 15,000 North American auto dealerships and triggering a reported $25M ransom payment.
Self-Hosted vs SaaS Security Scanning: An Honest Comparison
Run scanners on your own metal or rent the vendor's? A cost, latency, and data-residency comparison from someone who has operated both and regretted each at least once.
SBOMs for SaaS Products: What Customers Are Starting to Demand
SBOMs were originally for on-premises software. Now SaaS customers are asking for them too. Here is what that means and how to respond.