sbom
Safeguard articles tagged "sbom" — guides, analysis, and best practices for software supply chain and application security.
972 articles
Open source license management tools: features and best p...
A practical comparison of open source license management tools, contrasting Safeguard and Mend.io on detection, policy enforcement, and SBOM depth.
Best DevSecOps tools to secure the SDLC
Comparing the best DevSecOps tools to secure the SDLC: Mend.io's SCA-first platform vs Safeguard's reachability-driven, supply-chain-wide approach.
AngularJS security fundamentals
AngularJS has been unpatched since January 2022, yet it still runs in production. Here's the CVE history, the sandbox saga, and how to find your exposure.
An Engineering Guide to AI Bill of Materials (AIBOM)
An AIBOM extends the SBOM to models, datasets, and prompts. What goes in one, how CycloneDX 1.6 encodes it, and how to generate it in CI without a documentation project.
10 Spring Boot security best practices
Ten concrete Spring Boot security practices, with real CVEs, config flags, and file paths, to close the gaps attackers actually exploit.
Top container security tools to evaluate
Comparing Safeguard and Mend.io on the dimensions that actually matter for container security: scanning engine transparency, air-gapped support, registry coverage, and product origin.
How to secure Python Flask applications
Flask ships without built-in CSRF, headers, or session hardening. Here's how real CVEs like debug-mode RCE and cookie forgery get exploited—and stopped.
Evaluating AI Security Posture Management (AI-SPM) tools:...
A practical, criteria-based comparison of Safeguard and Mend.io for AI-SPM buyers: provenance verification, AI-BOM depth, and CI/CD policy enforcement.
Best AI red teaming tools ranked
Best AI red teaming tools ranked: how Mend.io's SCA scanning and Safeguard's exploitability-first SBOM analysis actually differ for AI supply chain risk.
Mend.io vs Black Duck: choosing an AppSec/SCA platform
A practical, evidence-based look at how Mend.io and Black Duck approach SCA — and where Safeguard's reachability-aware scanning and SBOM tooling differ.
Mend.io alternatives for SCA/AppSec buyers
A concrete look at Mend.io alternatives for SCA and AppSec buyers, comparing policy enforcement, SBOM generation, and build integrity against Safeguard's unified platform.
10 GitHub security best practices
10 concrete GitHub security controls—2FA, push protection, branch rules, pinned Actions, SBOM—with real CVEs and dates security teams can act on today.