Safeguard
Tag

security-fundamentals

Safeguard articles tagged "security-fundamentals" — guides, analysis, and best practices for software supply chain and application security.

19 articles

Concepts

CVE vs CWE: What's the Difference?

A CVE identifies one specific vulnerability in one product; a CWE names the underlying type of weakness that caused it. Here's how the two systems differ and how they work together.

Jul 8, 20267 min read
Concepts

DevSecOps Fundamentals

DevSecOps folds security into the fast, automated flow of modern development instead of bolting it on at the end. This guide explains what DevSecOps really means, how the pipeline works stage by stage, and the practices that make it stick.

Jul 8, 20266 min read
Concepts

Container Security Fundamentals

Containers made shipping software faster, but every image is a stack of inherited software with its own attack surface. This guide covers the fundamentals: what a container really is, where the risks live, and the practices that keep images and runtimes safe.

Jul 7, 20266 min read
Concepts

Understanding Open Source Security Risk

Open source powers nearly every modern application, but the code you inherit brings risks you did not write. This guide explains where open source risk comes from, how it reaches your product, and how to manage it without abandoning the ecosystem.

Jul 6, 20266 min read
Concepts

What Is a Security Advisory

A security advisory is an official notice that a product has a security flaw, plus how to fix it. Here is what advisories contain, who issues them, and how to act on one.

Jul 6, 20266 min read
Concepts

Introduction to Secure Software Development

Security is not a phase you bolt on at the end — it is a set of practices woven through every stage of building software. This guide introduces the secure development lifecycle, the practices that matter at each stage, and how to get started.

Jul 5, 20266 min read
Concepts

What Is a CVSS Score

A CVSS score rates how severe a security flaw is on a scale of 0 to 10. Here is what the number means, how to read it, and why it is only part of the risk picture.

Jul 5, 20266 min read
Concepts

Introduction to Vulnerability Scanning

Vulnerability scanning is how teams find known weaknesses before attackers do. This guide explains what a scanner actually does, the main types, how a scan works end to end, and how to turn a wall of findings into a short list of things worth fixing.

Jul 4, 20266 min read
Concepts

What Is a Security Patch

A security patch is a small update that fixes a specific flaw in software. Here is what patches are, why applying them quickly matters, and how teams manage them.

Jul 4, 20266 min read
Concepts

Understanding SBOM Formats

A software bill of materials is only useful if tools can read it. Two standards dominate — SPDX and CycloneDX — and knowing what each captures, how they differ, and when to use which is the difference between an inventory that works and one that gathers dust.

Jul 3, 20266 min read
Concepts

What Is a Software Dependency

A software dependency is outside code your program relies on to run. Here is what dependencies are, why modern apps have so many, and why they matter for security.

Jul 3, 20266 min read
Concepts

Understanding CVSS Scores

CVSS turns a vulnerability's characteristics into a number from 0 to 10 and a severity label. Here is what the score actually measures, how the metrics combine, and why the number alone should never drive your patching.

Jul 2, 20266 min read
security-fundamentals — Safeguard Blog