Safeguard
Tag

sbom

Safeguard articles tagged "sbom" — guides, analysis, and best practices for software supply chain and application security.

972 articles

Best Practices

What is a Trust Store

Trust stores decide which signatures your systems believe. Here's how they work, why they matter for supply chain security, and how to audit them.

Jan 27, 20266 min read
Compliance

CISA SBOM Mandate Enforcement Begins: What Federal Contractors Need to Know

CISA is moving from SBOM guidance to enforcement in 2026. Here's what the mandate requires and how to prepare.

Jan 25, 20266 min read
DevSecOps

What is a CI/CD Pipeline

A CI/CD pipeline automates code from commit to deployment—but SolarWinds, Codecov, and CircleCI show it's also a top supply-chain attack target.

Jan 25, 20266 min read
Industry Analysis

State of Software Supply Chain Security 2026

A senior-engineer view of where software supply chain security stands in 2026: what's changed, what's stuck, and where budgets, regulations, and attacker tactics converge.

Jan 25, 20269 min read
Industry Analysis

State of Open Source Security Report Overview

Open source vulnerabilities tripled in six years, but 70-85% aren't even reachable. A data-driven look at the real state of open source security in 2026.

Jan 24, 20267 min read
AI Security

SPDX Coverage: Griffin AI vs Mythos

SPDX is the format auditors ask for, the format regulators reference, and the format most enterprise procurement teams standardize on. Griffin AI treats it as a first-class graph. Mythos-class tools treat it as a long document.

Jan 23, 20267 min read
Industry Analysis

State of Cloud Security Report Overview

This year's cloud security reports point to the same conclusion: detection isn't the bottleneck anymore — identity sprawl, supply chain risk, and slow remediation are.

Jan 23, 20268 min read
Architecture

Safeguard Knowledge Graph Architecture

How Safeguard's knowledge graph unifies components, vulnerabilities, policies, and runtime evidence into a single queryable substrate that powers every product surface.

Jan 23, 20268 min read
Industry Analysis

State of Agentic AI Adoption Report Overview

Safeguard's State of Agentic AI Adoption Report finds 71% of enterprises now run agents with production access, outpacing identity, SBOM, and reachability controls.

Jan 23, 20267 min read
Industry Analysis

Inside the Agentic Development Supply Chain Report

Safeguard's research team analyzed 42,000+ repositories with agentic commit activity, finding new dependency, MCP server, and SBOM gaps introduced by AI coding agents.

Jan 23, 20267 min read
SBOM

SBOM Distribution Patterns: TEA, VEX, and the Last Mile in 2026

How SBOMs actually move between producers and consumers in 2026, what TEA and VEX are solving, and the distribution patterns that hold up in production.

Jan 22, 20265 min read
Industry Analysis

The Hidden Cost of AI Code in Financial Services

Banks and fintechs are shipping AI-generated code faster than they can vet it. The bill for that speed is starting to come due.

Jan 22, 20267 min read
sbom (Page 55) — Safeguard Blog