software-supply-chain
Safeguard articles tagged "software-supply-chain" — guides, analysis, and best practices for software supply chain and application security.
526 articles
Adobe Flash's End of Life: Security Lessons From a Decade of Patching
Adobe Flash security was a running joke in the industry for a decade before its 2020 end-of-life — the real lesson wasn't Flash itself, it was how long a critical dependency can outlive its own security model.
US DoD Zero Trust: Software Dimensions
Where the DoD Zero Trust Reference Architecture meets the software supply chain, and what program offices are actually doing about it.
SPDX 3.0: What Changed and Why It Matters
SPDX 3.0 is a major overhaul of the ISO-standard SBOM format. Here is a practical breakdown of the new profile system, linking model, and what it means for adoption.
Introducing Safeguard: Software Supply Chain Security, Done Right
Today we are launching Safeguard, a platform purpose-built for managing the security of your software supply chain from SBOM generation to vulnerability response.
Why We Built Safeguard
The software supply chain is broken. We started Safeguard because existing tools treated SBOM as a checkbox exercise instead of a security discipline.
CycloneDX v1.5: New Features and What They Mean for Your SBOM Program
CycloneDX v1.5 introduced formulation, machine learning BOMs, and expanded evidence. Here is what changed and how to take advantage of it.
Sigstore Reaches GA: Free Software Signing for Everyone
Sigstore's general availability in October 2022 made cryptographic signing accessible to every developer. Here's why this is a watershed moment.
How to Create Your First SBOM
A practical, step-by-step guide to generating your first Software Bill of Materials using open-source tools and integrating it into your development workflow.
Dependency Update Strategies for Large Codebases
At scale, keeping dependencies current is not a weekend chore — it is an engineering discipline. The wrong update strategy creates either a mountain of tech debt or a pipeline permanently broken by cascading upgrades.
SBOM 101: A Complete Beginner's Guide to Software Bill of Materials
Everything you need to know about Software Bills of Materials -- what they are, why they matter, and how to start generating them for your projects.