Safeguard
Tag

supply-chain-security

Safeguard articles tagged "supply-chain-security" — guides, analysis, and best practices for software supply chain and application security.

1053 articles

Industry Analysis

Managing secrets securely with OCI Vault

A step-by-step guide to OCI Vault secrets management: provisioning, rotation, IAM policies, pipeline integration, and best practices for securing credentials.

Jan 9, 20268 min read
Vulnerability Analysis

Kubernetes kubelet symlink volume mount escape (CVE-2021-25741)

CVE-2021-25741 lets attackers escape subPath volume mounts in Kubernetes kubelet via a symlink race, exposing host files and enabling privilege escalation.

Jan 8, 20267 min read
Identity Security

Using OCI resource principal authentication to avoid embe...

A concrete guide to OCI resource principal authentication: how it works, how it differs from instance principals, and how to eliminate static API keys from OCI workloads.

Jan 8, 20267 min read
Container Security

Detecting container threats in OCI with Cloud Guard

How OCI Cloud Guard detects container threats in OKE — detector recipes, responder rules, real blind spots, and where Safeguard adds runtime and supply-chain coverage.

Jan 7, 20267 min read
Vulnerability Analysis

libwebp animated WebP overflow (CVE-2023-5129)

CVE-2023-5129 exposed a critical libwebp heap overflow, then got rejected as a duplicate of CVE-2023-4863 — leaving two CVE trails for one flaw.

Jan 7, 20268 min read
Container Security

Comparing container registry security features across maj...

A practical, no-fluff comparison of ECR vs ACR vs GAR vs OCIR on scanning depth, signing, IAM, and compliance — plus where Harbor fits and how Safeguard unifies them.

Jan 6, 20268 min read
Vulnerability Analysis

minimist prototype pollution (CVE-2020-7598)

A deep dive into CVE-2020-7598, the minimist prototype pollution vulnerability that rippled across the npm ecosystem, with impact, timeline, and remediation steps.

Jan 6, 20267 min read
Product

Safeguard v5: One Year In — What We Built, What We Learned

A retrospective on Safeguard v5's first year in production, the features that resonated, and where we're headed next.

Jan 5, 20266 min read
Software Supply Chain Security

Software supply chain security for core banking systems

How core banking system supply chain security failures happen, what they cost, and how SBOMs and vendor risk monitoring keep core banking platforms safe.

Jan 5, 20267 min read
Vulnerability Analysis

protobufjs prototype pollution (CVE-2022-25878)

CVE-2022-25878 is a critical prototype pollution flaw in protobufjs. Here's what's affected, the CVSS/EPSS context, and how to remediate it fast.

Jan 5, 20268 min read
Vulnerability Analysis

lodash property injection via merge functions (CVE-2018-16487)

CVE-2018-16487 let attackers pollute Object.prototype via lodash's merge, mergeWith, and defaultsDeep functions. Here's how it works and how to fix it.

Jan 4, 20267 min read
Industry Analysis

Third-party risk management for fintech SaaS vendors

A practical, step-by-step fintech third-party risk management playbook: vendor discovery, tiering, security review, continuous monitoring, and contract controls.

Jan 4, 20269 min read
supply-chain-security (Page 54) — Safeguard Blog