Security
Safeguard articles tagged "Security" — guides, analysis, and best practices for software supply chain and application security.
58 articles
How to Report a Security Vulnerability
You found a security bug — now what? This beginner guide walks through reporting a vulnerability responsibly, from finding the right contact to writing a clear report.
State Privacy Laws 2025-2026: The Security Mandates Hidden Inside
Twenty state comprehensive privacy laws are in force by 2026. Most carry baseline security mandates that security teams - not just privacy lawyers - must operationalize.
Flux CD vs Argo CD: Security Comparison for 2026
A security-focused comparison of Flux 2.5 and Argo CD 3.1: trust models, multi-tenancy, secret handling, signature verification, and the operational differences.
API Gateway Security Baseline for 2026
A practical security baseline for API gateways in 2026, covering authentication, rate limiting, schema validation, observability, and the operational habits that keep gateways trustworthy.
Stopping Risky Dependencies At PR Time, Not Production
Catching risky dependencies after they reach production is expensive. PR-time policy gates stop them at the cheapest moment, with the right context and reviewer attention.
Phased Policy Rollout: Warn To Block In Six Weeks
Hard-blocking a new policy on day one breaks builds and trust. A phased rollout from warn to block earns the right to enforce by proving the policy is correct first.
Kubernetes Admission Policy For Supply Chain
Admission control is the last cheap chance to refuse a non-compliant workload. The right policies turn supply chain attestations into deploy-time decisions.
Break-Glass Workflow Design: Audited Bypass That Works
Every policy needs a bypass path or it will be routed around. The trick is making the bypass auditable, time-bound, and rare enough to remain meaningful.
Runtime Drift Detection For Supply Chain Controls
An admitted workload is not a static one. Runtime drift detection turns the SBOM into a living contract and surfaces supply chain changes before they become incidents.
Griffin AI vs Sourcegraph Cody for Security Use
Cody's codebase-wide context is valuable for security review. Griffin AI adds reachability, taint, and policy grounding that Cody doesn't target.
One Policy Set, Four Enforcement Points
Different gates with different rules create gaps and developer friction. A unified policy engine evaluates one definition at PR, build, admission, and runtime.
Automating License Policy: Blocking AGPL At PR
License risk that surfaces at release time is already too late. PR-time license policy turns an open-ended legal review into an automated, predictable check.