Safeguard
Tag

supply-chain

Safeguard articles tagged "supply-chain" — guides, analysis, and best practices for software supply chain and application security.

749 articles

Regional Security

Africa's Digital Transformation: Security Challenges at Scale

Africa is leapfrogging traditional IT infrastructure with mobile-first, cloud-native solutions. But the cybersecurity foundations are lagging dangerously behind the pace of adoption.

Aug 15, 20236 min read
Infrastructure Security

Terraform Provider Verification: Securing Your Infrastructure as Code Supply Chain

Terraform providers are plugins that execute with full access to your infrastructure credentials. Verifying their integrity is not optional.

Aug 12, 20235 min read
AI Security

LLM Prompt Injection: The New Supply Chain Attack Vector

Prompt injection attacks against large language models represent a dangerous new frontier in software supply chain security. Here's what defenders need to know.

Aug 10, 20236 min read
Software Supply Chain Security

Internal Package Naming Best Practices to Prevent Dependency Confusion

The wrong naming convention for internal packages makes dependency confusion attacks trivial. Here is how to name packages so attackers cannot substitute them.

Aug 8, 20234 min read
DevSecOps

Game Day Exercises for Supply Chain Incidents: Practicing Before the Real Thing

Game day exercises simulate supply chain attacks and failures, testing your team's response procedures before a real incident hits. Here is how to plan and run effective supply chain game days.

Aug 5, 20235 min read
Industry Guides

Pharmaceutical Software Validation and Supply Chain Security

Pharma companies must validate software used in drug manufacturing and clinical trials. Software supply chain security is now part of that equation.

Aug 5, 20237 min read
Open Source Security

npm Tightens Unpublish Rules: What It Means for Supply Chain Security

npm's updated unpublish policy addresses the left-pad problem while balancing maintainer rights, but the supply chain implications go deeper than most realize.

Aug 1, 20235 min read
Dependency Security

Golang Module Security and Verification

Securing your Go module supply chain with checksum databases, GOPROXY, and vendor directories.

Jul 22, 20235 min read
DevSecOps

Security Challenges in Polyglot Repositories

Repositories containing multiple programming languages multiply the security tooling, configuration, and expertise required. These challenges are manageable with the right approach.

Jul 22, 20236 min read
Emerging Technology

WebAssembly Security: New Capabilities, New Supply Chain Questions

WebAssembly is expanding beyond the browser into server-side and edge workloads. The security model and supply chain implications deserve closer scrutiny.

Jul 18, 20235 min read
Software Supply Chain Security

Supply Chain Risk Scoring Algorithms: How They Work and Where They Fail

Risk scoring turns complex supply chain data into actionable numbers. But the algorithms behind these scores have assumptions and blind spots that security teams must understand.

Jul 18, 20237 min read
Industry Guides

Aerospace and Defense Software Supply Chain Security

Aerospace and defense organizations face nation-state threats targeting software supply chains. Here's how to build resilience in high-assurance environments.

Jul 18, 20237 min read
supply-chain (Page 51) — Safeguard Blog