Safeguard
Tag

Security

Safeguard articles tagged "Security" — guides, analysis, and best practices for software supply chain and application security.

58 articles

Open Source Security

OSS Trademark Policies: Security Angle

Trademarks matter in open source security because they are the signal of authentic origin. When trademark policies fail, typosquatting, impostor forks, and compromised builds follow.

Aug 10, 20247 min read
Best Practices

Pydantic v2 Security Implications

Pydantic v2 rewrote the core in Rust and changed validation semantics. Here is what that means for security-sensitive code, from input coercion to ReDoS exposure.

Jul 25, 20246 min read
Open Source Security

Maintainer Burnout: Security Implications

Exhausted maintainers are not just a welfare problem. They are a security problem. Burnout is a precondition for social engineering, delayed patches, and hostile takeovers.

Jul 8, 20247 min read
Best Practices

Rails Application Template Security

Rails application templates are powerful and dangerous: how they execute, what they can touch, and how to use them safely for new-project scaffolding.

May 28, 20248 min read
Best Practices

AWS AppConfig Dynamic Config Security

AppConfig ships configuration changes to running applications in seconds. That makes it a powerful tool and a compelling target. Here is how to run AppConfig safely.

Apr 30, 20247 min read
Application Security

Certificate Pinning for Software Updates: When and How to Pin

Certificate pinning can protect your update channel from MITM attacks, but it introduces operational complexity. Here is when pinning makes sense and how to do it safely.

Mar 8, 20244 min read
Industry Trends

Green Software and Security: When Sustainability Meets Supply Chain Risk

The push for sustainable software is changing how we build and deploy applications. Security teams need to understand where green initiatives create new risks.

Feb 8, 20245 min read
AppSec

Vite and Turbopack: Security Considerations for Next-Gen Build Tools

Vite and Turbopack represent the next generation of JavaScript build tools. Their architectures introduce new security considerations alongside their performance improvements.

Jan 28, 20247 min read
Secure Development

Bun Runtime Security Considerations: Speed vs. Safety Trade-offs

Bun prioritizes performance over Node.js compatibility. But some of those performance choices have security implications worth understanding.

Jan 14, 20245 min read
Architecture

Monorepo Security: Dependency Management at Scale

Monorepos centralize code but create unique security challenges. Learn how to manage shared dependencies, enforce security policies, and maintain SBOMs across a monorepo architecture.

Dec 3, 20238 min read
Application Security

Security Considerations When Migrating from Monolith to Microservices

Decomposing a monolith into microservices changes the attack surface fundamentally. The security model that worked for the monolith will not work for the distributed system.

Nov 18, 20237 min read
Industry Trends

When Observability Meets Security: The Convergence That Changes Everything

Observability and security have operated in silos for too long. Their convergence creates capabilities that neither could achieve alone.

Oct 5, 20236 min read
Security (Page 3) — Safeguard Blog