Safeguard
Tag

sbom

Safeguard articles tagged "sbom" — guides, analysis, and best practices for software supply chain and application security.

974 articles

Best Practices

What is a Trust Boundary

A trust boundary is where data crosses into a higher-privilege context and must be verified. Learn where they hide and how breaches like Log4Shell exploited them.

Feb 3, 20266 min read
DevSecOps

What is a Security Gate

A security gate blocks a build or deploy the moment it fails a policy check. Here's what gates actually check, where to place them, and why most fail.

Feb 2, 20266 min read
Compliance

The Software Transparency Act of 2026: What It Means for the Industry

Proposed legislation would require SBOMs for all critical infrastructure software. Here's a detailed analysis of the bill and its implications.

Feb 1, 20266 min read
Application Security

What is Risk Scoring

Vulnerability risk scoring ranks flaws by real exploitability and exposure, not just CVSS severity. Here's how it works and why it matters.

Feb 1, 20266 min read
Application Security

What is Vulnerability Triage

Vulnerability triage ranks scanner findings by real exploitability and exposure, not raw CVSS score, turning an unmanageable backlog into a short, defensible fix list.

Feb 1, 20267 min read
Container Security

What is a Golden Image

A golden image is the hardened template every server and container is cloned from — powerful for consistency, dangerous when it goes stale. Here's how to secure it.

Feb 1, 20267 min read
Container Security

What is Admission Control (Kubernetes)

Admission control is the last checkpoint in Kubernetes before an object is written to etcd — here's how webhooks, PSA, and policy engines enforce it.

Jan 31, 20267 min read
Best Practices

CISO FAQ: Software Supply Chain Security 2026

The questions CISOs actually ask about software supply chain security in 2026: scope, budget, reporting lines, SBOMs, AI code, and where to start.

Jan 30, 20267 min read
Tutorials

Getting Started with Safeguard CLI: Your First Scan

Install the Safeguard CLI, authenticate, and run your first dependency and SBOM scan in under ten minutes. Covers config, output formats, and CI wiring.

Jan 30, 20266 min read
Software Supply Chain Security

CocoaPods supply chain security and Podfile.lock integrit...

A 2024 CocoaPods Trunk server flaw let attackers hijack orphaned pods and exposed a deeper gap: Podfile.lock never verified dependency integrity in the first place.

Jan 30, 20267 min read
Application Security

What is Attack Surface Reduction

Attack surface reduction means shrinking every entry point attackers can use—code, network, and identity. Here's how to define, measure, and act on it.

Jan 30, 20267 min read
Best Practices

What is a Security Baseline

A security baseline is the minimum, testable set of controls every system or repo must meet — here's how it differs from policy, and how to build one for your supply chain.

Jan 30, 20267 min read
sbom (Page 53) — Safeguard Blog