Safeguard
Tag

vulnerability-management

Safeguard articles tagged "vulnerability-management" — guides, analysis, and best practices for software supply chain and application security.

635 articles

Vulnerabilities

Notable CVEs of 2023: A Practitioner's Roundup

From an OpenSSL IV-truncation flaw to a critical Babel code-execution bug, 2023's CVE crop is a good reminder that severity and blast radius don't always line up.

Jan 30, 20246 min read
Vulnerabilities

libwebp and CVE-2023-4863: The Full Story

A heap buffer overflow in libwebp's lossless decoder, exploited in the wild before a patch existed, turned out to affect far more software than the browser it was first reported in.

Jan 24, 20245 min read
Tool Reviews

Veracode SCA: Mature Application Security Meets Dependency Scanning

An overview of Veracode's SCA capabilities within their broader application security platform, covering vulnerability prioritization, agent-based scanning, and enterprise features.

Jan 18, 20245 min read
Cloud Security

AWS ECR Image Scanning: A Deep Dive Into What It Catches and What It Misses

ECR offers both basic and enhanced scanning. The difference between them determines whether your container security is real or performative.

Jan 12, 20246 min read
Vulnerability Management

Vulnerability SLA Compliance Tracking That Actually Works

Most organizations define vulnerability SLAs and then fail to meet them. The problem is not motivation. It is measurement and process.

Jan 12, 20245 min read
Concepts

What is Security Testing

Security testing is how teams find exploitable weaknesses before attackers do. Here's the main types — SAST, DAST, IAST, SCA, fuzzing, pentesting — and how they fit together.

Jan 11, 20247 min read
Security Strategy

How to Write a Security Advisory That Actually Helps

Most security advisories are either too vague to be actionable or too detailed to be safe. Here is how to write advisories that help defenders without enabling attackers.

Dec 28, 20236 min read
AI Security

Autonomous Security Remediation: The Promise and Peril of Self-Healing Software

Automated vulnerability patching sounds ideal until you consider what happens when the automation gets it wrong. Here's a realistic look at autonomous remediation.

Dec 15, 20236 min read
Best Practices

Managing Security Debt: A Practical Guide

Security debt is inevitable, but it does not have to be unmanageable. Learn how to quantify, prioritize, and systematically pay down your organization's security debt.

Dec 5, 20236 min read
Risk Management

Legacy Software and Supply Chain Risks

Legacy systems are supply chain time bombs—running outdated dependencies, unsupported frameworks, and unmaintained libraries. Here's how to manage the risk.

Nov 18, 20237 min read
Vulnerability Management

govulncheck in Production Integration

govulncheck is the best vulnerability scanner the Go ecosystem has ever had, but turning it from a demo into a production gate takes more than adding a CI step.

Nov 8, 20237 min read
Tool Reviews

Wiz Cloud Security Platform: Agentless Done at Scale

An overview of Wiz's cloud security platform, covering its agentless architecture, graph-based risk analysis, and how it changed expectations for cloud security tooling.

Nov 5, 20236 min read
vulnerability-management (Page 51) — Safeguard Blog