supply-chain-security
Safeguard articles tagged "supply-chain-security" — guides, analysis, and best practices for software supply chain and application security.
1045 articles
CrowdStrike Falcon Update Triggers Global IT Outage: What Happened
On July 19, 2024, a faulty CrowdStrike Falcon sensor update caused 8.5 million Windows machines to blue-screen worldwide, grounding flights, halting hospitals, and exposing the fragility of centralized security infrastructure.
Migrating From Ansible to GitOps: A Supply Chain Perspective
Move from Ansible to GitOps with supply chain security intact. Pattern-by-pattern migration, trust boundary changes, and pitfalls to avoid in the transition.
Sumo Logic for Supply Chain Observability: A Practitioner's Guide
Architect Sumo Logic dashboards, queries, and anomaly detection for software supply chain visibility across SCM, CI/CD, registries, and cloud runtime.
Griffin AI: Your Autonomous Supply Chain Security Analyst
Griffin is Safeguard's AI assistant that answers natural-language questions about your software supply chain, correlates threats in real time, and recommends actions.
GitHub's Supply Chain Security Features
A comprehensive look at GitHub's evolving supply chain security toolkit, from Dependabot to code scanning, and how these features are reshaping how developers manage dependency risk.
What Are Dependencies in Software?
A plain-English definition of software dependencies, how direct and transitive dependencies differ, and why most projects ship far more third-party code than code their own team wrote.
What Is a Docker Container? A Practical Explanation
A Docker container is a lightweight, isolated unit that packages an app with everything it needs to run — here's what that actually means under the hood and why it matters for security.
What Does SCA Stand For, and Why Does It Matter Now?
SCA stands for software composition analysis, and it matters more in 2024 than it did five years ago because open source now makes up the majority of most codebases.
VM to Container: Supply Chain Implications of the Migration
What changes in your software supply chain when you move from virtual machines to containers, and how to adapt governance, scanning, and provenance accordingly.
NIST Cybersecurity Framework 2.0: What Changed and Why It Matters
NIST CSF 2.0 introduces a new Govern function and expands supply chain risk management. Here's what security teams need to know.
Change Healthcare Breach: The Worst Healthcare Data Breach in U.S. History
In February 2024, a ransomware attack on Change Healthcare paralyzed the U.S. healthcare payment system for weeks and ultimately exposed the personal health data of over 100 million Americans, making it the largest healthcare data breach ever recorded.
Shopify's Supply Chain Security Program
How Shopify built a supply chain security program that protects millions of merchants while maintaining the development velocity that e-commerce demands.