Safeguard
Tag

vulnerability-management

Safeguard articles tagged "vulnerability-management" — guides, analysis, and best practices for software supply chain and application security.

635 articles

Compliance

Vulnerability management under the EU Cyber Resilience Ac...

The EU Cyber Resilience Act sets hard deadlines for vulnerability reporting and SBOMs. Here's what changes, when, and how Safeguard stacks up against Anchore.

Mar 25, 20267 min read
Compliance

EU CRA SBOM requirements overview and compliance tips

The EU Cyber Resilience Act makes SBOMs mandatory for connected products by December 2027. Here is what CRA compliance actually requires, and how to prepare.

Mar 25, 20267 min read
Enterprise

Enterprise Vulnerability Management: From Scanner Sprawl to One Queue

Most large organizations run five or more scanners that disagree with each other. The fix is not another scanner, it is a single deduplicated, prioritized remediation queue with owners.

Mar 24, 20266 min read
SecOps

How to Prioritize a 10,000-Finding Vulnerability Backlog

A five-digit backlog is not a ranking problem, it is a filtering problem. Here is the funnel that turns 10,000 findings into a few hundred that deserve engineering time.

Mar 24, 20266 min read
Supply Chain

Software Supply Chain Security News: How to Actually Track It

Software supply chain security news moves across a dozen disconnected sources — registries, CVE feeds, vendor blogs — here's a repeatable system for not missing the one that hits you.

Mar 24, 20265 min read
Container Security

What is Container Scanning

Container scanning finds known CVEs, secrets, and misconfigurations in image layers before deployment. Here's how it works and where it falls short.

Mar 22, 20267 min read
Vulnerability Management

Ageing Vulnerabilities: Fix vs Mitigate

Old vulnerabilities accumulate quietly until they become a compliance problem. Here is how to decide between fixing and mitigating, with evidence that holds up.

Mar 21, 20268 min read
Container Security

3 Steps to Secure Container Images

A stock base image ships 180+ unused packages. Learn the 3 steps to secure container images: minimize, prioritize by reachability, and enforce.

Mar 21, 20267 min read
Container Security

Top 5 Docker Security Vulnerabilities

Runc escapes, exposed daemons, stale base images, privileged containers, and leaked secrets: the five Docker vulnerabilities behind most real container breaches.

Mar 20, 20267 min read
Container Security

Dockerfile Security Best Practices

Six question-driven answers on Dockerfile hardening: pinning, root users, multi-stage builds, secrets, and the review gates that catch supply chain risk early.

Mar 20, 20267 min read
Comparisons

A Black Duck Scan: What It Covers vs SCA Alternatives

A Black Duck scan focuses heavily on open-source license compliance and binary composition analysis — here's what it actually covers, and where modern SCA alternatives pull ahead.

Mar 18, 20266 min read
Industry Analysis

State of CVE Disclosure and KEV in 2026

A senior-analyst view of CVE disclosure, KEV catalog growth, and the operational patterns that keep pace with them in 2026.

Mar 18, 20269 min read
vulnerability-management (Page 25) — Safeguard Blog