Safeguard
Tag

secure-sdlc

Safeguard articles tagged "secure-sdlc" — guides, analysis, and best practices for software supply chain and application security.

20 articles

Compliance

What is the OWASP Software Assurance Maturity Model (SAMM)

A concrete breakdown of OWASP SAMM's 5 functions, 15 practices, and 30 streams, how its maturity levels work, and how it compares to BSIMM.

Feb 25, 20267 min read
Best Practices

What is Fuzz Testing (Fuzzing)

Fuzz testing bombards software with malformed inputs to surface crashes and memory bugs. Here's how fuzzers work, what they've found, and where they fall short.

Feb 14, 20267 min read
Application Security

What is Static Code Analysis

Static code analysis scans source code for flaws before it runs. Here's how SAST works, what it catches, and where it falls short without reachability context.

Feb 7, 20266 min read
Application Security

What Are Secure Coding Standards

Secure coding standards are enforceable rules — like OWASP and CERT — that stop specific CWEs before code ships. Here's what they cover and how to enforce them.

Jan 29, 20267 min read
DevSecOps

The Security Development Lifecycle (SDL): A Working Guide

The SDL turned security from a pre-release audit into a discipline applied at every phase of building software. What the lifecycle actually contains, where it came from, and how to run it without a Microsoft-sized team.

Oct 14, 20256 min read
Compliance

ISO 27001 Annex A Controls That Touch Your Build Pipeline

ISO 27001:2022 has 93 Annex A controls, and about a dozen land squarely on CI/CD. Here's the control-by-control map from clause number to pipeline artifact.

Mar 20, 20246 min read
DevSecOps

What Is SSDLC? The Secure Software Development Lifecycle

SSDLC builds security work into every phase of delivery instead of auditing at the end. Here is what changes at each phase, which frameworks define it, and how to adopt it without stalling releases.

Mar 14, 20246 min read
Case Studies

Microsoft's Secure Supply Chain Practices

How Microsoft rebuilt its security posture after years of high-profile incidents, implementing supply chain controls that now protect one of the world's largest software ecosystems.

Sep 15, 20237 min read
secure-sdlc (Page 2) — Safeguard Blog