vulnerability-scanning
Safeguard articles tagged "vulnerability-scanning" — guides, analysis, and best practices for software supply chain and application security.
82 articles
FedRAMP vulnerability scanning requirements explained
FedRAMP mandates monthly vulnerability scans and 30-day remediation windows. Here's what Rev 5 requires, and why minimal images like Chainguard's don't exempt you.
Docker image security fundamentals (quick-start guide)
A practical guide to docker image security: how vulnerabilities hide in base images, common misconfigurations, how scanning works, and a five-step quick-start checklist.
What is Docker Security
Docker security spans image scanning, SBOMs, and runtime controls — see the CVEs, misconfigurations, and real breaches that show why each layer matters.
How to Scan Docker Images for Vulnerabilities
A production-grade vulnerability scanning pipeline for Docker images using Trivy and Grype, with reachability-based prioritization and admission enforcement.
How to scan container images for vulnerabilities with Trivy
Learn how to scan container images with Trivy: install it, run your first scan, filter by severity, and gate builds automatically in CI/CD pipelines.
How to set up a vulnerability management program
A step-by-step guide to setting up a vulnerability management program: scanning schedules, risk-based triage, patch management, and metrics that hold up in an audit.
How to configure Nessus for vulnerability scanning
A step-by-step guide to installing Nessus, building scan policies, defining safe targets, and validating results — plus where supply chain risk starts beyond the network scan.
What is a False Positive in Security Scanning
False positives waste security team hours flagging vulnerabilities that aren't actually exploitable. Here's how to spot, measure, and reduce them.
Scanning Go codebases for known vulnerabilities with govu...
A practical govulncheck tutorial for scanning Go codebases for known vulnerabilities, auditing dependencies, and wiring checks into your CI pipeline.
How to enable and configure Amazon ECR image scanning for...
A step-by-step guide to enabling AWS ECR image scanning, from basic vs. enhanced scanning and scan-on-push to CI/CD gating, finding triage, and troubleshooting.
Scanning Azure Container Registry images for vulnerabilities
A step-by-step guide to enabling Azure Container Registry vulnerability scanning with Microsoft Defender for Containers, plus troubleshooting and gating deployments on scan results.
Vulnerability Scanning for AI Models: A New Frontier
AI models ship with dependencies, use vulnerable libraries, and introduce novel attack surfaces. Traditional scanning is not enough.