Transparency
Safeguard articles tagged "Transparency" — guides, analysis, and best practices for software supply chain and application security.
5 articles
How to Read an SBOM
An SBOM is a list of everything inside your software. This beginner guide shows you how to open one, understand each field, and turn it into something useful.
Go Module Checksum Database In Depth
The Go checksum database is one of the most successful supply chain controls in any mainstream ecosystem. Here is how it actually works and where it still has edges.
SBOM as a Product, Not a Checkbox
Most SBOMs are generated, filed, and forgotten. Treating them as compliance artifacts rather than operational products is why they have not paid off — and how to fix it.
Go Checksum Verification Patterns
go.sum and the Go checksum database are among the most rigorous integrity mechanisms in any language ecosystem, and the verification patterns around them deserve to be understood and used well.
Changelog and Security Disclosure Best Practices
How you communicate security changes in your changelog affects both your users' safety and your project's trustworthiness. Here is how to get it right.