supply-chain
Safeguard articles tagged "supply-chain" — guides, analysis, and best practices for software supply chain and application security.
757 articles
Space Industry Software Supply Chain: Emerging Reality
COTS software, mega-constellations, and export controls are colliding. The space sector's software supply chain risk is shifting faster than its tooling.
Zoom Incidents: Software Supply Chain Dimensions
Zoom's security history from 2020 onward reshaped how the industry thinks about conferencing software supply chains, from installers to third-party components.
Digital Health HIPAA Supply Chain Intersection
Digital health startups collide with HIPAA obligations as soon as they touch clinical data. A regulatory map of the supply chain choke points.
Reproducible Builds Debian: The Long View
Debian's Reproducible Builds project has been at it for over a decade. Here's what they've learned, what still isn't reproducible, and why it matters.
Rust Embedded Supply Chain Guide
Rust is moving into embedded production fast. The supply chain shape for firmware is different from server-side Rust — smaller trees, longer lifetimes, tighter regulations.
Azure Sentinel for Supply Chain Detection
Sentinel has everything it needs to detect supply chain attacks in Azure — but only if the analytics rules are tuned to what those attacks actually look like.
BlackTech Firmware Supply Chain Operations
BlackTech's firmware implants in Cisco routers turned edge devices into long-dwell footholds. A look at the tradecraft and what defenders missed.
Open Source Security Funding in 2024: Who Pays for the Code We All Depend On
Despite growing recognition that open source underpins critical infrastructure, security funding remains fragmented and insufficient. A look at the numbers and what needs to change.
Turborepo Monorepo Supply Chain Security
Turborepo makes large JavaScript monorepos fast, and speed changes how teams think about dependencies. The supply chain implications are subtle enough that a fast-moving team can be in trouble before anyone notices.
Crypto Exchange Supply Chain Hardening
Crypto exchanges are the highest-value software supply chain targets on the internet. A hardening playbook drawn from Lazarus, Ronin, and 3CX.
Zero Trust Principles Applied to the Software Supply Chain
Zero trust is not just a network architecture concept. Applied to the software supply chain, it fundamentally changes how organizations verify code, dependencies, and build processes.
Azure Monitor for Supply Chain Observability
Supply chain observability in Azure is not missing telemetry — it is missing the right queries. A walk through the Azure Monitor data sources that actually answer the hard questions.