sbom
Safeguard articles tagged "sbom" — guides, analysis, and best practices for software supply chain and application security.
974 articles
Choosing the best Node.js Docker image
Chainguard's minimal Node.js images cut attack surface, but base-image choice is only one link in the chain. Here's how Safeguard compares on patching, debugging, and provenance.
What is a Software Bill of Materials (SBOM)
An SBOM is a machine-readable inventory of every software component and dependency. Learn what it contains, why it matters, and how Safeguard uses it.
Chainguard alternatives for hardened container images
A side-by-side look at Chainguard alternatives, comparing Safeguard's supply chain security scope against Chainguard's hardened base image approach.
CycloneDX vs SPDX: SBOM Formats Compared
CycloneDX vs SPDX: how the two SBOM formats differ in vulnerability data, licensing, regulatory recognition, and conversion — and which to pick.
Chainguard vs Docker Official Images: hardening and CVE p...
A concrete look at how Chainguard's distroless Wolfi images and Docker Official Images differ on CVE counts, rebuild cadence, and default hardening.
Inventory Of MCP Servers: Enterprise Program
MCP servers proliferate faster than governance can track them. Build an inventory program that captures every server, tool, and consumer agent.
What is Software Supply Chain Security
SolarWinds, Log4Shell, and XZ Utils show why software supply chain security now spans code, dependencies, and build pipelines alike.
What is a Software Supply Chain Attack
A software supply chain attack compromises trusted dependencies or build systems to spread malicious code downstream — here's how it works, and how to stop it.
Zero-day vulnerabilities: what they are and how to protec...
Zero-days can't be patched before they're exploited. See how Log4Shell, MOVEit, and the XZ backdoor happened, and what real zero-day vulnerability protection requires.
What is Dependency Confusion
Dependency confusion lets attackers hijack builds by publishing malicious packages under private package names to public registries. Here's how it works.
Attack Surface Management (ASM): best practices guide
A practical attack surface management best practices guide for software supply chains, covering SBOMs, base image hardening, CI/CD exposure, and a 90-day rollout plan.
Buyer Guide: Software Supply Chain Security 2026
A senior-engineer buyer guide for software supply chain security in 2026: what the categories mean, what to test, and what to ignore in vendor pitches.