Safeguard
Tag

sca-scanning

Safeguard articles tagged "sca-scanning" — guides, analysis, and best practices for software supply chain and application security.

8 articles

Supply Chain

PyPI Malware News: What's Happening and How to Detect It

PyPI malware news keeps repeating the same pattern — typosquats, compromised maintainer accounts, and post-install scripts that exfiltrate credentials — here's how to actually catch it.

Jun 2, 20265 min read
Comparisons

Snyk's Market Position: An Independent Read Going Into 2026

Snyk's market position going into 2026 rests on developer-first SCA and container scanning, with SAST and DAST as comparatively newer additions.

Jan 15, 20265 min read
Supply Chain

SCA Scanning: What It Catches in Practice

SCA scanning finds known CVEs in your open-source dependencies and license conflicts you didn't know you'd agreed to — here's exactly what a scan catches, in order of how often it actually matters.

Sep 30, 20255 min read
Industry Analysis

How snyk-to-html converts CLI scan results into shareable...

A technical look at how snyk-to-html converts Snyk CLI JSON scan output into shareable, self-contained HTML reports for CI pipelines and audits.

Aug 17, 20258 min read
Supply Chain

SCA Security: What Software Composition Analysis Actually Catches

SCA security scans the open source dependencies that make up most of your codebase, finding known CVEs, risky licenses, and malicious packages. Here is what it catches — and what it does not.

May 27, 20257 min read
Vulnerabilities

jQuery 3.7.1 Vulnerabilities: What Actually Changed From Earlier Releases

jQuery 3.7.1 vulnerabilities are mostly inherited history, not new CVEs — the real security story is what changed across 3.4, 3.5, and 3.7.

Mar 11, 20255 min read
Licensing

Types of Licenses: A Quick Reference for Engineers

Software licenses split into permissive, copyleft, and proprietary categories, each with different obligations. Here's a quick reference for the types of license engineers actually run into.

Apr 9, 20245 min read
Licensing

Apache 2 License: A Quick Reference

The Apache 2 license is a permissive open source license that allows commercial use, modification, and redistribution, with an explicit patent grant most permissive licenses lack.

Feb 19, 20245 min read
sca-scanning — Safeguard Blog