zero-trust
Safeguard articles tagged "zero-trust" — guides, analysis, and best practices for software supply chain and application security.
51 articles
Best zero trust architecture implementation tools
A vendor-neutral buyer's guide to zero trust architecture tools: what to evaluate, plus honest strengths and limits of six leading platforms compared.
What Is Mutual TLS (mTLS)? Two-Way Authentication Explained
Mutual TLS makes both sides of a connection prove their identity with certificates, not just the server. It is the backbone of zero-trust communication between services.
Zero Trust Principles Applied to the Software Supply Chain
Zero trust is not just a network architecture concept. Applied to the software supply chain, it fundamentally changes how organizations verify code, dependencies, and build processes.
Migrating VPN to Zero Trust: Supply Chain
A phased playbook for retiring corporate VPN concentrators in favor of zero trust network access, with specific guidance for protecting software supply chain pipelines.
Kubernetes Service Mesh Policy Depth
Service meshes promise layered policy. The promise is real, but the layers only help if you use them, and most deployments use one.
US DoD Zero Trust: Software Dimensions
Where the DoD Zero Trust Reference Architecture meets the software supply chain, and what program offices are actually doing about it.
Kubernetes Network Policies: The Supply Chain Angle
Network policies are usually framed as a zero-trust tool. They are also one of the best defenses against a compromised dependency.
Executive Order 14028 at the Two-Year Mark
Two years after Executive Order 14028 on federal cybersecurity, the operational impact is clearer. What actually changed, what stalled, and what is coming in year three.
Zero Trust for Developer Workstations: Rethinking Endpoint Security
Developer workstations have elevated access to source code, build systems, and deployment pipelines. Zero Trust principles applied to these endpoints significantly reduce supply chain attack surface.
Kubernetes Network Policies Deep Dive: From Zero Trust to Microsegmentation
By default, every pod can talk to every other pod. Network policies change that, but most implementations are incomplete. Here is how to build real microsegmentation in Kubernetes.
Microsegmentation for Software Supply Chain Security
Microsegmentation limits lateral movement after a breach. Applied to software supply chains, it contains the blast radius when a dependency, build tool, or vendor is compromised.
Network Segmentation for Development Environments: Isolating the Build Pipeline
Development environments are often the weakest link in network security. Proper segmentation isolates build systems from production and prevents lateral movement from compromised developer machines.