secure-design
Safeguard articles tagged "secure-design" — guides, analysis, and best practices for software supply chain and application security.
16 articles
Dependency injection in Python: a guide to testability and security boundaries
FastAPI shipped a built-in DI container in its very first release in December 2018 — but the same swappability that makes DI testable can quietly ship a mock into production.
Data Flow Diagrams for Threat Modeling
A data flow diagram maps how data moves through a system and where trust changes — the foundation most threat modeling is built on. Here's how to draw one that actually surfaces threats.
Threat Modeling for Developers: A Lightweight Practical Guide
Threat modeling doesn't need a two-day workshop. A developer-friendly 2026 guide to modeling threats with the four-question framework and STRIDE — fast enough to run on a feature branch.
The Security Design Review: A Practical Guide
A security design review examines a system's architecture before it is built to find flaws that no code scanner can catch. Here's how to run one that finds real problems while they are still cheap to fix.
Secure Defaults, Explained
Secure defaults mean the out-of-the-box configuration is the safe one, and weakening it requires a deliberate opt-in. Here's why the default state decides most real-world security outcomes.
Zero Trust Architecture, Explained
Zero trust replaces the trusted internal network with a model that verifies every request explicitly, regardless of where it comes from. Here's what it actually means and how to move toward it.
The Principle of Least Privilege, Explained
Least privilege means every user, service, and process gets exactly the access it needs to do its job — and nothing more. Here's why it contains breaches and how to implement it without breaking things.
Secure Design Principles Every Team Should Know
Secure design principles are the durable rules of thumb — least privilege, fail securely, defense in depth, secure defaults — that keep systems safe by construction rather than by patching. Here's the working set and how to apply them.
Threat Modeling for Developers
Threat modeling doesn't have to be a heavyweight ceremony run by a separate security team. Here's how developers can fold lightweight, per-feature threat modeling directly into pull requests and sprint work.
Attack Surface Reduction: A Practical Guide
Attack surface reduction is the discipline of removing every input, interface, and privilege an attacker could reach that your system does not actually need. Here's how to inventory, shrink, and keep it small.
The STRIDE Methodology Explained
STRIDE is a threat-modeling mnemonic that turns a blank whiteboard into six specific questions: is this element vulnerable to Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, or Elevation of privilege? Here's how to apply it.
What Is Threat Modeling?
Threat modeling is the structured practice of asking what can go wrong with a system before you build it, then designing controls to match. Here's the four-question framework, how to run a session, and where it fits supply chain security.