Safeguard
Tag

vulnerability-scanning

Safeguard articles tagged "vulnerability-scanning" — guides, analysis, and best practices for software supply chain and application security.

82 articles

Container Security

Scanning Oracle Cloud Infrastructure Registry images for ...

A step-by-step guide to OCIR vulnerability scanning: enabling OCI's Vulnerability Scanning Service, triggering push-time scans, triaging CVEs, and signing verified images.

Jan 9, 20268 min read
Container Security

Comparing container registry security features across maj...

A practical, no-fluff comparison of ECR vs ACR vs GAR vs OCIR on scanning depth, signing, IAM, and compliance — plus where Harbor fits and how Safeguard unifies them.

Jan 6, 20268 min read
Container Security

How Log4Shell exposed cloud container images and how to d...

Log4Shell (CVE-2021-44228) still hides in container images years later. Here's how it works, its CVSS/EPSS/KEV context, and how to detect and remediate it across ECR, ACR, and GAR.

Jan 6, 20268 min read
Buyer's Guides

Best container image scanning tools

A practical comparison of container image scanning tools — Trivy, Grype, Snyk, Docker Scout, Clair, and Anchore — with real strengths, limits, and how to pick one.

Nov 17, 20257 min read
Buyer's Guides

Best DAST tools for web application security testing

A practical comparison of DAST tools -- from OWASP ZAP to Invicti -- covering real strengths, limitations, and what Safeguard adds beyond runtime scanning.

Nov 16, 20259 min read
Vulnerability Management

Best vulnerability management platforms

A practical comparison of leading vulnerability management platforms — Tenable, Qualys, Rapid7, CrowdStrike, Wiz, and Microsoft — plus how Safeguard closes the supply-chain gap.

Nov 14, 20257 min read
Buyer's Guides

Best binary analysis and reverse engineering tools

A practical, no-hype guide to binary analysis tools — from Ghidra and IDA Pro to firmware-focused platforms — with real strengths, limitations, and where Safeguard fits.

Nov 9, 20257 min read
Buyer's Guides

Best API security testing tools

A practical, no-hype comparison of API security testing tools — from OWASP ZAP to Salt Security — covering REST/GraphQL coverage, posture management, and real tradeoffs.

Nov 9, 20258 min read
Buyer's Guides

Best artifact repository security tools

A practical, no-hype buyer's guide to artifact repository security tools — what to evaluate, six real vendors compared fairly, and where Safeguard fits.

Nov 8, 20258 min read
AppSec

Web Application Scanning: Tools and Methods Compared

Web application scanning ranges from free automated crawlers to full authenticated DAST pipelines — here's how the methods differ and when each is enough.

Nov 5, 20255 min read
Container Security

How Snyk Container scans distroless and minimal (Wolfi-st...

Distroless and Wolfi-style images strip out package managers, breaking traditional scanners. Here's how Snyk Container identifies vulnerable packages anyway.

Sep 7, 20258 min read
Container Security

How Snyk's Docker Desktop Extension scans images before t...

How Snyk's Docker Desktop extension scans local images for CVEs before push, what it can and can't detect, and where it fits with CI and registry scanning.

Sep 4, 20257 min read
vulnerability-scanning (Page 5) — Safeguard Blog