Safeguard
Tag

Security

Safeguard articles tagged "Security" — guides, analysis, and best practices for software supply chain and application security.

58 articles

Best Practices

Signed Artifact Policy Enforcement In 2026

Signing artifacts is necessary but not sufficient. The policy that verifies signatures, attestations, and trust roots is what turns signing into a security control.

Mar 11, 20268 min read
AI Security

Griffin AI vs Claude Prompt Caching: Security

Claude's prompt caching gives you 90% discount on cached tokens. Security workloads have massive cacheable surface area. Griffin AI takes advantage; direct API use often does not.

Mar 6, 20262 min read
Best Practices

MCP Server Capability Policy Enforcement

MCP servers expose tools that AI agents can call directly. Capability policy decides which tools each agent gets, with the same rigor as any other supply chain gate.

Mar 6, 20268 min read
Best Practices

Guardrails As An Incident Prevention System

Detection and response cannot scale if the prevention layer is missing. Guardrails turn the lessons of past incidents into the policy that prevents the next one.

Mar 1, 20268 min read
Events

Open Source Security Summit 2026: Key Takeaways

We attended the Open Source Security Summit 2026 and came back with five actionable insights for security teams.

Feb 20, 20266 min read
Open Source Security

Why Choose Wolfi Linux: A Buyer Rationale for 2026

A clear-eyed look at Wolfi's value as a container base image distribution: glibc-based design, security defaults, build provenance, and where it does not fit.

Jan 29, 20266 min read
DevSecOps

From DevOps to DevSecOps: A Practical Shift-Left Guide

Shift-left security doesn't mean dumping security tools on developers. Here's a practical guide to integrating security into your development workflow without killing velocity.

Jan 20, 20263 min read
Secure Development

TLS Library Comparison: OpenSSL vs. LibreSSL vs. BoringSSL

Three forks of the same codebase, three different security philosophies. Here is how to choose the right TLS library for your project.

Sep 20, 20255 min read
Industry Analysis

Open Source Security Census 2025: Who Maintains the Code We All Depend On?

An analysis of the state of open-source security in 2025. Critical infrastructure runs on projects maintained by small, often unpaid teams. Here is what the data shows and why it matters.

Mar 8, 20255 min read
AI Security

AI Agent Frameworks: A Security Assessment of the New Autonomous Frontier

AI agents that can execute code, browse the web, and manage infrastructure are proliferating. The security implications of these autonomous frameworks demand scrutiny.

Mar 5, 20256 min read
Best Practices

Data Pipeline Platform Migration Security

Moving from one orchestration platform to another surfaces hidden trust relationships. A security-first migration plan for Airflow, Dagster, and Prefect transitions.

Dec 22, 20247 min read
Language Security

Zig's Memory Safety Model: A Security Analysis for Systems Programmers

Zig offers memory safety features that C lacks but does not go as far as Rust. For security-critical code, understanding where Zig sits on the safety spectrum matters.

Aug 22, 20246 min read
Security (Page 2) — Safeguard Blog