Safeguard
Tag

sbom

Safeguard articles tagged "sbom" — guides, analysis, and best practices for software supply chain and application security.

972 articles

Case Studies

How a Fortune 500 Bank Ran Its SBOM Program

An anonymized look at how a Fortune 500 financial services firm operationalized an enterprise SBOM program using Safeguard across 4,200 applications.

Jan 15, 20267 min read
DevSecOps

Signing container images and generating SBOMs in Azure pi...

A practical walkthrough for Azure container image signing with Notation and ACR content trust, plus generating SBOMs inside Azure DevOps pipelines.

Jan 15, 20267 min read
Compliance

EO 14028 Two Years In: What Actually Shipped

A clear-eyed look at what parts of Executive Order 14028 actually made it into production across federal agencies, vendors, and the SBOM ecosystem by 2026.

Jan 14, 20267 min read
Cloud Security

What Software Delivery Shield does for end-to-end supply ...

A breakdown of what Google Cloud's Software Delivery Shield actually does — SLSA provenance, SBOM generation, Binary Authorization — and where its coverage gaps still leave supply chains exposed.

Jan 11, 20267 min read
SBOM

Generating SBOMs and provenance with GCP Artifact Analysis

A step-by-step guide to GCP SBOM generation using Artifact Analysis: scan container images, export SPDX/CycloneDX SBOMs, and attach SLSA provenance attestations.

Jan 11, 20267 min read
Industry Analysis

The State of SBOM Adoption in 2026: Progress, Gaps, and Reality

SBOM adoption has grown rapidly, but maturity varies wildly. Here's where the industry actually stands heading into 2026.

Jan 10, 20266 min read
AI Security

SBOM Ingestion: Griffin AI vs Mythos

A detailed comparison of how Griffin AI consumes SBOMs as structured reasoning context while Mythos-class pure-LLM tools skim them as prose — and why that architectural gap determines the quality of every downstream finding.

Jan 7, 20267 min read
Vulnerability Analysis

zlib heap buffer overflow via crafted input (CVE-2022-37434)

CVE-2022-37434: a heap buffer overflow in zlib's gzip header parsing. Affected versions, CVSS/EPSS/KEV context, timeline, and how to remediate it.

Jan 7, 20268 min read
Vulnerability Analysis

libwebp animated WebP overflow (CVE-2023-5129)

CVE-2023-5129 exposed a critical libwebp heap overflow, then got rejected as a duplicate of CVE-2023-4863 — leaving two CVE trails for one flaw.

Jan 7, 20268 min read
Container Security

How Log4Shell exposed cloud container images and how to d...

Log4Shell (CVE-2021-44228) still hides in container images years later. Here's how it works, its CVSS/EPSS/KEV context, and how to detect and remediate it across ECR, ACR, and GAR.

Jan 6, 20268 min read
Product

Safeguard v5: One Year In — What We Built, What We Learned

A retrospective on Safeguard v5's first year in production, the features that resonated, and where we're headed next.

Jan 5, 20266 min read
Regulatory Compliance

PCI DSS software composition analysis requirements for pa...

What PCI DSS 4.0.1 actually requires for tracking third-party and open-source code in payment software, and how SBOMs and SCA tooling satisfy it.

Jan 5, 20267 min read
sbom (Page 57) — Safeguard Blog