supply-chain-security
Safeguard articles tagged "supply-chain-security" — guides, analysis, and best practices for software supply chain and application security.
1053 articles
Security concerns of using the Node.js VM module as a sandbox
Node's vm module and vm2 were never a security boundary. Four critical CVEs and a 2023 deprecation prove why untrusted-code sandboxes need real isolation.
Open Source Sustainability Is an Attack Surface Problem
Unmaintained, underfunded open source is not just a reliability risk — it is how attackers get in. The xz Utils backdoor proved that maintainer burnout is a security vulnerability with a CVE number.
Container Registry Scanning
How container registry scanning actually works, why Aqua's Trivy isn't enough on its own, what the xz-utils backdoor exposed, and how Safeguard prioritizes findings that matter.
Kubernetes Secrets
Kubernetes Secrets are base64, not encrypted, by default. Here is how they actually leak, why scanners like Aqua fall short, and how to fix it.
Software Supply Chain Attacks
Software supply chain attacks like SolarWinds, XZ Utils, and polyfill.io exploit trust, not code. Here's how they work and how Safeguard closes the provenance gap.
Repojacking
Aqua Security found nearly 37,000 GitHub repos vulnerable to repojacking, including Google and Lyft. Here's how the attack works and how Safeguard catches it.
Container Image Signing
Signing tells you where a container image came from; scanning only tells you what's inside it. Here's how image signing works, how Aqua handles it, and what a complete solution needs.
MITRE ATT&CK Framework
MITRE ATT&CK maps 200+ attacker techniques, but runtime tools like Aqua only catch supply chain compromise after deployment. Here's the build-time gap and how to close it.
Benefits of Cloud Security Posture Management (CSPM)
CSPM cuts breach risk and audit time by catching cloud misconfigurations before attackers do. See the data on cost, MTTR, and where Prisma Cloud falls short.
DSPM Market Size: 2026 guide
DSPM spending is set to grow 25%+ annually through 2026. Here's how the market size breaks down, how Prisma Cloud fits in, and where supply chain security closes the gap.
Web Application Security Risks & Best Practices
Web app flaws like MOVEit and Log4Shell keep causing breaches. Here's what's actually exploitable in 2026, and how to fix it before attackers do.
What is Attack Surface Management
Attack surface management explained: what it covers, how it differs from vulnerability management, and why CISA and Gartner now treat it as core AppSec.