Safeguard
Tag

sbom

Safeguard articles tagged "sbom" — guides, analysis, and best practices for software supply chain and application security.

974 articles

Industry Analysis

KubeCon NA 2025: Supply Chain Security Themes

KubeCon + CloudNativeCon NA 2025 put supply chain security at the center of the cloud-native conversation. Here is what mattered for platform teams.

Feb 16, 20268 min read
Best Practices

What is Incident Response

What incident response actually means, its four NIST phases, and why supply chain attacks like Log4Shell and SolarWinds break traditional response assumptions.

Feb 15, 20268 min read
Best Practices

What is a Data Breach

A data breach is unauthorized access to sensitive data. See real causes like MOVEit and Log4Shell, average costs, and how to prevent one.

Feb 14, 20267 min read
Cloud Security

GCP Artifact Analysis API for Vulnerability Triage

GCP's Artifact Analysis API is the most direct way to get scan results into your triage tooling. Here is how to use it without drowning your team.

Feb 14, 20267 min read
Best Practices

What is a Bug Bounty Program

A bug bounty program pays researchers to find and report vulnerabilities before attackers do. Here's how they work, what they cost, and their limits.

Feb 14, 20266 min read
AI Security

SLSA Provenance Consumption: Griffin AI vs Mythos

SLSA provenance is the cryptographic receipt of a build. Griffin AI verifies it, parses it, and uses it as typed evidence. Mythos-class tools describe it and forget to check the signature.

Feb 13, 20267 min read
Best Practices

What is Threat Intelligence

Threat intelligence turns raw indicators into actionable defense. Here's what it actually is, its four types, and how it applies to software supply chains.

Feb 13, 20267 min read
Best Practices

What is a Kill Chain

What is a cyber kill chain? A staged breakdown of how attacks unfold, from Lockheed Martin's 7 stages to why supply chain attacks break the model.

Feb 13, 20266 min read
Application Security

What is Attack Path Analysis

Attack path analysis maps how vulnerabilities and misconfigurations chain together into real exploit routes, cutting 10,000+ findings down to the handful that matter.

Feb 12, 20267 min read
Compliance

EU Cyber Resilience Act: Your SBOM Obligations

The EU Cyber Resilience Act makes SBOMs a legal requirement for products with digital elements sold in Europe. Here is what the regulation actually demands, when the deadlines hit, and how to prepare.

Feb 12, 20266 min read
Vulnerability Analysis

Log4Shell (Log4j Vulnerability) Explained

A deep dive into Log4Shell (CVE-2021-44228): how the critical Log4j2 RCE flaw worked, its timeline, affected versions, and how to remediate it.

Feb 12, 20267 min read
Industry Analysis

Healthcare Supply Chain Security Baseline for 2026

What hospitals and payers should actually require from their software vendors in 2026: HIPAA-aligned controls, SBOM expectations, and the threats now hitting clinical environments.

Feb 11, 20266 min read
sbom (Page 49) — Safeguard Blog