Safeguard
Tag

sbom

Safeguard articles tagged "sbom" — guides, analysis, and best practices for software supply chain and application security.

972 articles

SBOM and Compliance

Compliance Dashboard Design Patterns for Supply Chain Security

Compliance dashboards translate complex supply chain data into actionable views for auditors, executives, and engineering teams. These design patterns make the difference between a dashboard that drives action and one that collects dust.

Apr 10, 20246 min read
Industry Guides

Enterprise SCA Tool Evaluation Framework

Choosing a software composition analysis tool for the enterprise? Here's a structured evaluation framework covering what actually matters.

Apr 5, 20248 min read
SBOM & Compliance

Mend vs Black Duck: Functional Comparison

Compare Mend (formerly WhiteSource) and Black Duck on SBOM export, license policy, detection sources, deployment model, and enterprise reporting for 2024 SCA selection.

Apr 3, 20245 min read
Product

ESSCM: Enterprise SBOM Management at Scale

Managing SBOMs across hundreds of products requires more than file storage. ESSCM brings lifecycle management, versioning, and queryability to your software inventory.

Mar 15, 20247 min read
Industry Guides

Energy Sector Software Security and NERC CIP Compliance

Power utilities and energy companies must secure software supply chains while meeting NERC CIP requirements. Here's a practical approach.

Mar 12, 20247 min read
Supply Chain

What Does SCA Stand For, and Why Does It Matter Now?

SCA stands for software composition analysis, and it matters more in 2024 than it did five years ago because open source now makes up the majority of most codebases.

Mar 12, 20245 min read
Best Practices

.NET 8 Supply Chain Improvements

.NET 8 quietly shipped several supply chain improvements worth knowing — NuGet audit, signed packages, SBOM tooling, and better source-link coverage.

Mar 10, 20245 min read
Guides

How to Generate an SBOM in a GitLab CI Pipeline

A working .gitlab-ci.yml for SBOM generation with Syft: CycloneDX report artifacts, a Grype scan stage, and Cosign attestations pushed next to the image.

Mar 3, 20245 min read
Company

Introducing Safeguard: Software Supply Chain Security, Done Right

Today we are launching Safeguard, a platform purpose-built for managing the security of your software supply chain from SBOM generation to vulnerability response.

Mar 1, 20247 min read
SBOM

SBOMs for Microservices Architecture: Managing Complexity at Scale

When your application is 50 services with 50 dependency trees, SBOM management stops being simple. Here's how to handle it.

Feb 20, 20246 min read
Company

Why We Built Safeguard

The software supply chain is broken. We started Safeguard because existing tools treated SBOM as a checkbox exercise instead of a security discipline.

Feb 15, 20247 min read
SBOM & Standards

SBOMs for AI/ML Models: Why Machine Learning Needs a Bill of Materials

As AI models become critical infrastructure, the need for transparency about their components, training data, and dependencies grows urgent. Emerging standards are beginning to address this gap.

Feb 10, 20246 min read
sbom (Page 76) — Safeguard Blog