sbom
Safeguard articles tagged "sbom" — guides, analysis, and best practices for software supply chain and application security.
974 articles
What is a Trust Boundary
A trust boundary is where data crosses into a higher-privilege context and must be verified. Learn where they hide and how breaches like Log4Shell exploited them.
What is a Security Gate
A security gate blocks a build or deploy the moment it fails a policy check. Here's what gates actually check, where to place them, and why most fail.
The Software Transparency Act of 2026: What It Means for the Industry
Proposed legislation would require SBOMs for all critical infrastructure software. Here's a detailed analysis of the bill and its implications.
What is Risk Scoring
Vulnerability risk scoring ranks flaws by real exploitability and exposure, not just CVSS severity. Here's how it works and why it matters.
What is Vulnerability Triage
Vulnerability triage ranks scanner findings by real exploitability and exposure, not raw CVSS score, turning an unmanageable backlog into a short, defensible fix list.
What is a Golden Image
A golden image is the hardened template every server and container is cloned from — powerful for consistency, dangerous when it goes stale. Here's how to secure it.
What is Admission Control (Kubernetes)
Admission control is the last checkpoint in Kubernetes before an object is written to etcd — here's how webhooks, PSA, and policy engines enforce it.
CISO FAQ: Software Supply Chain Security 2026
The questions CISOs actually ask about software supply chain security in 2026: scope, budget, reporting lines, SBOMs, AI code, and where to start.
Getting Started with Safeguard CLI: Your First Scan
Install the Safeguard CLI, authenticate, and run your first dependency and SBOM scan in under ten minutes. Covers config, output formats, and CI wiring.
CocoaPods supply chain security and Podfile.lock integrit...
A 2024 CocoaPods Trunk server flaw let attackers hijack orphaned pods and exposed a deeper gap: Podfile.lock never verified dependency integrity in the first place.
What is Attack Surface Reduction
Attack surface reduction means shrinking every entry point attackers can use—code, network, and identity. Here's how to define, measure, and act on it.
What is a Security Baseline
A security baseline is the minimum, testable set of controls every system or repo must meet — here's how it differs from policy, and how to build one for your supply chain.