Safeguard
Tag

secure-by-design

Safeguard articles tagged "secure-by-design" — guides, analysis, and best practices for software supply chain and application security.

16 articles

Cloud Security

Secure-by-design principles for cloud architecture: prevention over detection

The 2019 Capital One breach hit 700+ S3 buckets through one SSRF call. Secure-by-design architecture stops that path before it exists.

Jul 12, 20267 min read
Best Practices

What CISA's Secure by Design Pledge Actually Requires

CISA's Secure by Design pledge asks 68+ vendors for measurable one-year progress on 7 goals. Here's what those goals mean for engineering teams.

Jul 10, 20266 min read
Security Guides

OWASP A04: Insecure Design — A Deep-Dive Guide

Insecure Design is a new OWASP Top 10 (2021) category at #4. A deep dive into design flaws vs implementation bugs, threat modeling, real cases, and prevention.

Jul 2, 20267 min read
Compliance

CISA's Secure-by-Design pledge two years in: vendor commitments and procurement effects

CISA's Secure-by-Design pledge launched in April 2024 with seven voluntary goals. Two years later, signatories are publishing progress reports and procurement teams are starting to ask hard questions.

May 12, 20268 min read
Compliance

CISA's Secure by Design pledge explained

CISA's voluntary Secure by Design pledge has grown from 68 signatories to 300+, but it's unverified and self-reported. Here's what the seven goals really require.

May 10, 20267 min read
Compliance

CISA Secure by Design Operational Guidance 2026

Translating CISA's Secure by Design pledge into operational engineering work in 2026, with the specific control mappings and evidence practices that hold up to audit.

May 8, 20265 min read
Compliance

Secure by Design Pledge: Reading the 2026 Progress Reports

More than 250 manufacturers have signed CISA's Secure by Design pledge. We read the public progress reports to see who is actually moving on the seven goals.

Apr 8, 20266 min read
Application Security

What is Secure by Design

Secure by Design turns CISA's 2023 guidance and pledge into concrete practice: memory-safe code, no default passwords, and verifiable SBOMs over marketing claims.

Feb 6, 20267 min read
Application Security

What is Secure by Default

Secure by default means software ships in its safest state out of the box. See real breaches, standards, and pledges driving this shift.

Feb 6, 20266 min read
Compliance

CISA Secure by Design Pledge: Signatories in 2026

CISA's Secure by Design Pledge has crossed 300 signatories. Here is what the 2026 cohort is committing to, what regulators expect in return, and how to prove it.

Jan 28, 20267 min read
Compliance

CISA Secure by Design Pledge: Practical Impact

An engineer's assessment of what the CISA Secure by Design Pledge actually changed inside product teams, what it did not, and where the 2026 expectations are landing.

Jan 21, 20267 min read
Industry

CISA Secure by Design Pledge: Reading the One-Year Progress Reports

The CISA Secure by Design pledge crossed its one-year mark in May 2025 with over 150 signatories. We analyze the published progress reports and where vendors are quietly falling short.

Jun 4, 20257 min read
secure-by-design — Safeguard Blog