Safeguard
Tag

supply-chain-security

Safeguard articles tagged "supply-chain-security" — guides, analysis, and best practices for software supply chain and application security.

1053 articles

Supply Chain

SCA Security Tools: A Practical Shortlist

A working shortlist of SCA security tools, what actually differentiates them beyond CVE counts, and how to pick an sca solution that fits your ecosystem.

Feb 18, 20265 min read
DevSecOps

How to set up DAST scanning in a CI/CD pipeline

A practical guide to building a DAST scanning CI/CD pipeline with OWASP ZAP — setup, integration, rule tuning, and troubleshooting for real deployments.

Feb 18, 20267 min read
Best Practices

What is EDR (Endpoint Detection and Response)

What EDR actually detects, how it differs from antivirus, XDR, and MDR, and why supply chain attacks like XZ Utils and 3CX slip past it entirely.

Feb 17, 20267 min read
Best Practices

What is SIEM

SIEM explained: how it works, what data feeds it, how it differs from SOAR/XDR, and where reachability-based supply chain security fills its blind spots.

Feb 17, 20267 min read
Best Practices

What is Network Segmentation

Network segmentation limits breach blast radius by isolating systems into enforced zones. Learn the types, common mistakes, and how to implement it in hybrid clouds.

Feb 16, 20267 min read
Best Practices

What is Incident Response

What incident response actually means, its four NIST phases, and why supply chain attacks like Log4Shell and SolarWinds break traditional response assumptions.

Feb 15, 20268 min read
Best Practices

What is a Data Breach

A data breach is unauthorized access to sensitive data. See real causes like MOVEit and Log4Shell, average costs, and how to prevent one.

Feb 14, 20267 min read
Identity Security

How to implement zero trust network architecture

A practical, step-by-step guide to implement zero trust network architecture: identity, microsegmentation, posture checks, policy-as-code, and verification.

Feb 14, 20267 min read
Best Practices

What is Threat Intelligence

Threat intelligence turns raw indicators into actionable defense. Here's what it actually is, its four types, and how it applies to software supply chains.

Feb 13, 20267 min read
Best Practices

What is MITRE ATT&CK

MITRE ATT&CK catalogs real attacker behavior into 14 tactics and 200+ techniques. Here's how it works, how it differs from CVE/CWE, and how to use it.

Feb 13, 20267 min read
Best Practices

What is a Kill Chain

What is a cyber kill chain? A staged breakdown of how attacks unfold, from Lockheed Martin's 7 stages to why supply chain attacks break the model.

Feb 13, 20266 min read
Supply Chain

Open Source Security Management: From Policy to Pipeline

A policy document nobody enforces is theater. Here is how to turn open source rules into pipeline checks that developers can live with.

Feb 12, 20265 min read
supply-chain-security (Page 45) — Safeguard Blog