Safeguard
Tag

supply-chain-security

Safeguard articles tagged "supply-chain-security" — guides, analysis, and best practices for software supply chain and application security.

1052 articles

Application Security

5 best practices for React with TypeScript security

TypeScript's type system stops at compile time. Five concrete practices — with real CVEs and incidents — for securing React + TypeScript apps against what it misses.

May 23, 20266 min read
Application Security

10 GitHub security best practices

10 concrete GitHub security controls—2FA, push protection, branch rules, pinned Actions, SBOM—with real CVEs and dates security teams can act on today.

May 23, 20267 min read
Application Security

Cheat sheet: 10 Bitbucket security best practices

A concrete, numbers-first cheat sheet covering the 10 Bitbucket security settings that stop misconfigurations from becoming supply chain breaches.

May 23, 20266 min read
SBOM

Communicating security posture to customers/investors via...

How to turn SBOMs into a real vendor-risk communication tool for customers and investors, and where Mend.io's scan-first approach falls short.

May 23, 20267 min read
SBOM

Log4j-style incident response using SBOM inventories

How SBOM inventories turned days of Log4Shell triage into minutes-long queries — and why scanner-first tools like Mend.io struggled when every team needed answers at once.

May 22, 20268 min read
Application Security

Rust memory safety and its security advantages

Memory safety bugs cause ~70% of Microsoft's CVEs. Here's how Rust's ownership model eliminates them at compile time, with real CVE examples.

May 20, 20267 min read
AI Security

Claude, GPT, and Coding Harness Security: Comparing Model...

Claude and GPT both write vulnerable code by default in coding harnesses. Comparing model behavior, then Safeguard's approach versus Endor Labs' reachability-first SCA.

May 20, 20268 min read
Application Security

Securing Laravel PHP applications

CVE-2021-3129, leaked APP_KEYs, and Eloquent mass assignment still compromise Laravel apps in 2026 — here's how each attack works and how to close it.

May 20, 20267 min read
Application Security

Securing WordPress plugin dependencies

Real CVEs, a supply-chain hack that hit 360,000 sites, and bundled-library blind spots: what WordPress plugin security actually requires in 2026.

May 19, 20266 min read
Supply Chain

Software Supply Chain Security Solutions: A Comparison Framework

A framework for comparing software supply chain security solutions across the four capabilities that matter, SBOM generation, dependency scanning, provenance verification, and CI/CD gating.

May 19, 20265 min read
Buyer's Guides

Endor Labs vs Safeguard: Reachability-Based SCA Compared

How Endor Labs and Safeguard both use reachability analysis to cut SCA noise, and where their scope and approach to supply chain security diverge.

May 19, 20268 min read
Industry Analysis

Reachability Analysis Explained: Function-Level vs Packag...

Package-level reachability flags 60% of CVEs as "reachable." Function-level analysis, tracing real call paths, cuts that to under 10%. Here's the difference.

May 18, 20267 min read
supply-chain-security (Page 30) — Safeguard Blog