supply-chain-security
Safeguard articles tagged "supply-chain-security" — guides, analysis, and best practices for software supply chain and application security.
1053 articles
Security automation: stop chasing vulnerabilities, start ...
Chasing CVEs doesn't scale — 40,000+ vulnerabilities were logged in 2024 alone. Here's why prevention-first automation beats patch-cycle chasing, and how it differs from Chainguard's approach.
What is Dependency Management
Dependency management means tracking, scanning, and patching the open source packages your app relies on -- here's how it works and why it matters.
Vulnerability management for the modern engineering team
A vulnerability management program for engineering teams needs more than zero-CVE base images. Here's how Safeguard closes the gaps Chainguard leaves open.
RSAC 2026 Floor Report: Agentic AI Security, Platformization, and the Consolidation Debate
What the Moscone show floor actually said about platformization vs. best-of-breed, data sovereignty, and how agentic AI security rewrote the enterprise buying conversation at RSAC 2026.
Simplify PCI DSS 4.0 compliance with hardened containers
PCI DSS 4.0's 30-day patch clock is brutal for container-heavy CDEs. Here's how hardened, minimal images cut CVE noise and make audits defensible.
SOC 2 and the hardened software supply chain
SOC 2 attests to internal controls, not to whether a hardened image or build pipeline is secure. Here is how Chainguard's approach fits, and what it does not cover.
Reachability Analysis: Cutting Through CVE Noise to Find What Actually Matters
Why most CVEs in your dependency tree are not exploitable in your application, and how reachability analysis separates real risk from noise.
Open Source Security Platforms: What They Actually Do
An open source security platform isn't one tool — it's usually a combination of SCA, license scanning, and vulnerability intelligence stitched into a pipeline that watches your dependencies.
Top Software Supply Chain Security Predictions 2026
A senior-engineer set of 2026 predictions for software supply chain security, grounded in current adoption curves, regulatory timelines, and attacker behavior.
What is a Software Bill of Materials (SBOM) — definitions...
What is an SBOM? A plain-language breakdown of definitions, contents, formats (SPDX vs CycloneDX), compliance drivers, and real use cases like Log4Shell and xz-utils.
SBOM GitHub Action / dropping SBOM tooling into CI workflows
Adding an SBOM GitHub Action like Anchore's is easy; making the output useful isn't. Here's what breaks in real CI pipelines and how to fix it.
What is Container Security? (definition, lifecycle, threats)
Container security spans build, ship, and runtime: scanning, SBOMs, Kubernetes hardening, and runtime detection. How it works, and where Anchore leaves gaps.