vulnerability-scanning
Safeguard articles tagged "vulnerability-scanning" — guides, analysis, and best practices for software supply chain and application security.
82 articles
Scanning Oracle Cloud Infrastructure Registry images for ...
A step-by-step guide to OCIR vulnerability scanning: enabling OCI's Vulnerability Scanning Service, triggering push-time scans, triaging CVEs, and signing verified images.
Comparing container registry security features across maj...
A practical, no-fluff comparison of ECR vs ACR vs GAR vs OCIR on scanning depth, signing, IAM, and compliance — plus where Harbor fits and how Safeguard unifies them.
How Log4Shell exposed cloud container images and how to d...
Log4Shell (CVE-2021-44228) still hides in container images years later. Here's how it works, its CVSS/EPSS/KEV context, and how to detect and remediate it across ECR, ACR, and GAR.
Best container image scanning tools
A practical comparison of container image scanning tools — Trivy, Grype, Snyk, Docker Scout, Clair, and Anchore — with real strengths, limits, and how to pick one.
Best DAST tools for web application security testing
A practical comparison of DAST tools -- from OWASP ZAP to Invicti -- covering real strengths, limitations, and what Safeguard adds beyond runtime scanning.
Best vulnerability management platforms
A practical comparison of leading vulnerability management platforms — Tenable, Qualys, Rapid7, CrowdStrike, Wiz, and Microsoft — plus how Safeguard closes the supply-chain gap.
Best binary analysis and reverse engineering tools
A practical, no-hype guide to binary analysis tools — from Ghidra and IDA Pro to firmware-focused platforms — with real strengths, limitations, and where Safeguard fits.
Best API security testing tools
A practical, no-hype comparison of API security testing tools — from OWASP ZAP to Salt Security — covering REST/GraphQL coverage, posture management, and real tradeoffs.
Best artifact repository security tools
A practical, no-hype buyer's guide to artifact repository security tools — what to evaluate, six real vendors compared fairly, and where Safeguard fits.
Web Application Scanning: Tools and Methods Compared
Web application scanning ranges from free automated crawlers to full authenticated DAST pipelines — here's how the methods differ and when each is enough.
How Snyk Container scans distroless and minimal (Wolfi-st...
Distroless and Wolfi-style images strip out package managers, breaking traditional scanners. Here's how Snyk Container identifies vulnerable packages anyway.
How Snyk's Docker Desktop Extension scans images before t...
How Snyk's Docker Desktop extension scans local images for CVEs before push, what it can and can't detect, and where it fits with CI and registry scanning.