secure-by-design
Safeguard articles tagged "secure-by-design" — guides, analysis, and best practices for software supply chain and application security.
16 articles
Secure-by-design principles for cloud architecture: prevention over detection
The 2019 Capital One breach hit 700+ S3 buckets through one SSRF call. Secure-by-design architecture stops that path before it exists.
What CISA's Secure by Design Pledge Actually Requires
CISA's Secure by Design pledge asks 68+ vendors for measurable one-year progress on 7 goals. Here's what those goals mean for engineering teams.
OWASP A04: Insecure Design — A Deep-Dive Guide
Insecure Design is a new OWASP Top 10 (2021) category at #4. A deep dive into design flaws vs implementation bugs, threat modeling, real cases, and prevention.
CISA's Secure-by-Design pledge two years in: vendor commitments and procurement effects
CISA's Secure-by-Design pledge launched in April 2024 with seven voluntary goals. Two years later, signatories are publishing progress reports and procurement teams are starting to ask hard questions.
CISA's Secure by Design pledge explained
CISA's voluntary Secure by Design pledge has grown from 68 signatories to 300+, but it's unverified and self-reported. Here's what the seven goals really require.
CISA Secure by Design Operational Guidance 2026
Translating CISA's Secure by Design pledge into operational engineering work in 2026, with the specific control mappings and evidence practices that hold up to audit.
Secure by Design Pledge: Reading the 2026 Progress Reports
More than 250 manufacturers have signed CISA's Secure by Design pledge. We read the public progress reports to see who is actually moving on the seven goals.
What is Secure by Design
Secure by Design turns CISA's 2023 guidance and pledge into concrete practice: memory-safe code, no default passwords, and verifiable SBOMs over marketing claims.
What is Secure by Default
Secure by default means software ships in its safest state out of the box. See real breaches, standards, and pledges driving this shift.
CISA Secure by Design Pledge: Signatories in 2026
CISA's Secure by Design Pledge has crossed 300 signatories. Here is what the 2026 cohort is committing to, what regulators expect in return, and how to prove it.
CISA Secure by Design Pledge: Practical Impact
An engineer's assessment of what the CISA Secure by Design Pledge actually changed inside product teams, what it did not, and where the 2026 expectations are landing.
CISA Secure by Design Pledge: Reading the One-Year Progress Reports
The CISA Secure by Design pledge crossed its one-year mark in May 2025 with over 150 signatories. We analyze the published progress reports and where vendors are quietly falling short.