Safeguard
Tag

vulnerability-management

Safeguard articles tagged "vulnerability-management" — guides, analysis, and best practices for software supply chain and application security.

635 articles

Application Security

What is Vulnerability Triage

Vulnerability triage ranks scanner findings by real exploitability and exposure, not raw CVSS score, turning an unmanageable backlog into a short, defensible fix list.

Feb 1, 20267 min read
Application Security

What is Exposure Management

Exposure management goes beyond CVE lists — it's the continuous, evidence-backed way to find and fix what attackers can actually exploit today.

Jan 30, 20267 min read
Application Security

What is Continuous Threat Exposure Management (CTEM)

CTEM is Gartner's five-stage framework for continuously scoping, discovering, prioritizing, and validating exposures instead of relying on periodic scans.

Jan 30, 20266 min read
Application Security

What is Attack Surface Reduction

Attack surface reduction means shrinking every entry point attackers can use—code, network, and identity. Here's how to define, measure, and act on it.

Jan 30, 20267 min read
Best Practices

What is a Security Baseline

A security baseline is the minimum, testable set of controls every system or repo must meet — here's how it differs from policy, and how to build one for your supply chain.

Jan 30, 20267 min read
Case Studies

FinTech Cuts CVE Noise 80% With Reachability

An anonymized story of how a high-growth payments FinTech slashed vulnerability backlog noise by 80% using Safeguard's reachability analysis.

Jan 29, 20267 min read
Research

Reachability Noise Reduction: Findings

The Safeguard Research team ran reachability analysis across a large corpus of real codebases. This is what we learned about which CVEs actually matter.

Jan 29, 20267 min read
Application Security

What is the CERT Secure Coding Standard

CERT secure coding standards give C, C++, and Java developers rule-by-rule guidance — with IDs, risk scores, and fix patterns — for avoiding exploitable bugs.

Jan 29, 20261 min read
DevSecOps

Jira and Docker: Integrating Security Workflows

Jira docker integration for security teams usually means auto-filing tickets from container scan findings — here's how to wire it without flooding the backlog with noise.

Jan 28, 20265 min read
SecOps

Air-Gapped Vulnerability Management

No internet means no live CVE feeds, no SaaS scanners, and no auto-updates — but the vulnerabilities still arrive. How to run a real vulnerability management program inside a disconnected environment.

Jan 28, 20266 min read
SecOps

Security Posture Assessment: A Step-by-Step Method

A security posture assessment turns 'are we secure?' into a measured, repeatable answer. Here is a six-phase method — from asset inventory to a scored, prioritized gap list you can act on.

Jan 28, 20266 min read
Best Practices

What is Defense in Depth

Defense in depth stacks independent security layers—source, build, dependencies, artifacts, runtime—so no single failure causes a breach.

Jan 27, 20267 min read
vulnerability-management (Page 32) — Safeguard Blog