Security
Safeguard articles tagged "Security" — guides, analysis, and best practices for software supply chain and application security.
58 articles
OSS Trademark Policies: Security Angle
Trademarks matter in open source security because they are the signal of authentic origin. When trademark policies fail, typosquatting, impostor forks, and compromised builds follow.
Pydantic v2 Security Implications
Pydantic v2 rewrote the core in Rust and changed validation semantics. Here is what that means for security-sensitive code, from input coercion to ReDoS exposure.
Maintainer Burnout: Security Implications
Exhausted maintainers are not just a welfare problem. They are a security problem. Burnout is a precondition for social engineering, delayed patches, and hostile takeovers.
Rails Application Template Security
Rails application templates are powerful and dangerous: how they execute, what they can touch, and how to use them safely for new-project scaffolding.
AWS AppConfig Dynamic Config Security
AppConfig ships configuration changes to running applications in seconds. That makes it a powerful tool and a compelling target. Here is how to run AppConfig safely.
Certificate Pinning for Software Updates: When and How to Pin
Certificate pinning can protect your update channel from MITM attacks, but it introduces operational complexity. Here is when pinning makes sense and how to do it safely.
Green Software and Security: When Sustainability Meets Supply Chain Risk
The push for sustainable software is changing how we build and deploy applications. Security teams need to understand where green initiatives create new risks.
Vite and Turbopack: Security Considerations for Next-Gen Build Tools
Vite and Turbopack represent the next generation of JavaScript build tools. Their architectures introduce new security considerations alongside their performance improvements.
Bun Runtime Security Considerations: Speed vs. Safety Trade-offs
Bun prioritizes performance over Node.js compatibility. But some of those performance choices have security implications worth understanding.
Monorepo Security: Dependency Management at Scale
Monorepos centralize code but create unique security challenges. Learn how to manage shared dependencies, enforce security policies, and maintain SBOMs across a monorepo architecture.
Security Considerations When Migrating from Monolith to Microservices
Decomposing a monolith into microservices changes the attack surface fundamentally. The security model that worked for the monolith will not work for the distributed system.
When Observability Meets Security: The Convergence That Changes Everything
Observability and security have operated in silos for too long. Their convergence creates capabilities that neither could achieve alone.