Safeguard
Tag

sbom

Safeguard articles tagged "sbom" — guides, analysis, and best practices for software supply chain and application security.

974 articles

Container Security

Top 5 Docker Security Vulnerabilities

Runc escapes, exposed daemons, stale base images, privileged containers, and leaked secrets: the five Docker vulnerabilities behind most real container breaches.

Mar 20, 20267 min read
Container Security

Dockerfile Security Best Practices

Six question-driven answers on Dockerfile hardening: pinning, root users, multi-stage builds, secrets, and the review gates that catch supply chain risk early.

Mar 20, 20267 min read
SBOM

SPDX 3.0 Feature Overview for 2026

What changed in SPDX 3.0 and the 3.0.1 patch release: the profile model, AI and dataset profiles, serialization choices, and what to migrate first.

Mar 19, 20265 min read
SBOM & Compliance

VEX Statements: Eliminating SBOM Noise In 2026

An SBOM without VEX is a noise machine. Here is how disciplined VEX authoring cuts vulnerability backlogs by 70-90% while improving defensibility, not weakening it.

Mar 19, 20266 min read
Container Security

What is Kubernetes Security

Kubernetes security spans four layers — cloud, cluster, container, code — and misconfiguration, not novel exploits, causes most real-world incidents.

Mar 19, 20268 min read
Regulatory Compliance

NIST Cybersecurity Framework (CSF) explained

NIST CSF 2.0 added a Govern function and supply chain risk category in 2024. Here's what it requires, how Vanta maps it, and where build-level evidence closes the gap.

Mar 19, 20268 min read
Container Security

Kubernetes Monitoring Guide

A practical Kubernetes monitoring guide: what to track across nodes, control plane, and workloads, the tools teams use, and where monitoring alone misses supply chain risk.

Mar 19, 20266 min read
Regulatory Compliance

FedRAMP authorization process for cloud vendors

A breakdown of the FedRAMP authorization process for cloud vendors — timelines, JAB vs. agency ATOs, 3PAO testing, costs, and where GRC tools like Vanta fall short on supply chain evidence.

Mar 19, 20268 min read
AI Security

AI-BOM and ML-BOM: The State of Standards in 2026

Where AI-BOM and ML-BOM specifications stand in 2026, which formats have real adoption, and what to capture today even if the standards are still in motion.

Mar 18, 20265 min read
Cloud Security

What is Cloud Native Security

Cloud native security explained: what it is, the 4C's model, real breach examples, SBOM requirements, and the tools that secure containers and Kubernetes.

Mar 18, 20267 min read
AI Security

Cross-Vendor SBOM Normalization: Griffin AI vs Mythos

Your SBOMs come from a dozen vendors, three scanners, and two CI systems. Normalising them into one queryable graph is where SBOM programs actually succeed or fail.

Mar 17, 20264 min read
Container Security

Container Security vs Virtual Machine Security

Containers and VMs isolate workloads at different layers — kernel vs. hypervisor — which changes attack surface, blast radius, patch speed, and what your scanner actually needs to cover.

Mar 17, 20267 min read
sbom (Page 40) — Safeguard Blog