Safeguard
Tag

Software Updates

Safeguard articles tagged "Software Updates" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Emerging Technology

DNS Cache Poisoning for Software Updates: 2025

DNS cache poisoning is a known attack class with a new application: hijacking software update checks to ship malicious binaries that pass every signature check.

Mar 20, 20268 min read
Best Practices

Lessons from CrowdStrike: Rethinking How We Deploy Software Updates

The CrowdStrike outage wasn't just an EDR problem. It exposed fundamental weaknesses in how the entire industry handles software updates, from kernel drivers to SaaS platforms.

Jul 22, 20248 min read
Application Security

Certificate Pinning for Software Updates: When and How to Pin

Certificate pinning can protect your update channel from MITM attacks, but it introduces operational complexity. Here is when pinning makes sense and how to do it safely.

Mar 8, 20244 min read
Supply Chain Security

Securing Software Update Mechanisms

Software updates are a double-edged sword: they deliver patches but also provide a trusted channel attackers can exploit. Securing the update mechanism itself is essential to supply chain integrity.

Mar 5, 20246 min read
Infrastructure Security

Software Updates in Air-Gapped Environments: Security Without Connectivity

Air-gapped environments protect critical infrastructure by eliminating network connectivity. But software still needs updates. Bridging this gap without introducing the risks you isolated against is the challenge.

Feb 8, 20245 min read
Software Supply Chain Security

Software Update Signing and Verification: Getting It Right

Signed updates are table stakes for software distribution. But the signing and verification process has pitfalls that undermine the entire security model.

Nov 8, 20225 min read
Software Updates — Safeguard Blog