Safeguard
Tag

zero-trust

Safeguard articles tagged "zero-trust" — guides, analysis, and best practices for software supply chain and application security.

51 articles

Buyer's Guides

Best zero trust architecture implementation tools

A vendor-neutral buyer's guide to zero trust architecture tools: what to evaluate, plus honest strengths and limits of six leading platforms compared.

Nov 5, 20258 min read
Concepts

What Is Mutual TLS (mTLS)? Two-Way Authentication Explained

Mutual TLS makes both sides of a connection prove their identity with certificates, not just the server. It is the backbone of zero-trust communication between services.

Feb 11, 20255 min read
Best Practices

Zero Trust Principles Applied to the Software Supply Chain

Zero trust is not just a network architecture concept. Applied to the software supply chain, it fundamentally changes how organizations verify code, dependencies, and build processes.

Nov 25, 20247 min read
Best Practices

Migrating VPN to Zero Trust: Supply Chain

A phased playbook for retiring corporate VPN concentrators in favor of zero trust network access, with specific guidance for protecting software supply chain pipelines.

Nov 18, 20247 min read
Container Security

Kubernetes Service Mesh Policy Depth

Service meshes promise layered policy. The promise is real, but the layers only help if you use them, and most deployments use one.

Sep 15, 20247 min read
Regulatory Compliance

US DoD Zero Trust: Software Dimensions

Where the DoD Zero Trust Reference Architecture meets the software supply chain, and what program offices are actually doing about it.

Jul 25, 20247 min read
Container Security

Kubernetes Network Policies: The Supply Chain Angle

Network policies are usually framed as a zero-trust tool. They are also one of the best defenses against a compromised dependency.

Apr 8, 20247 min read
Regulatory Compliance

Executive Order 14028 at the Two-Year Mark

Two years after Executive Order 14028 on federal cybersecurity, the operational impact is clearer. What actually changed, what stalled, and what is coming in year three.

Nov 5, 20236 min read
Network Security

Zero Trust for Developer Workstations: Rethinking Endpoint Security

Developer workstations have elevated access to source code, build systems, and deployment pipelines. Zero Trust principles applied to these endpoints significantly reduce supply chain attack surface.

Oct 5, 20235 min read
Kubernetes Security

Kubernetes Network Policies Deep Dive: From Zero Trust to Microsegmentation

By default, every pod can talk to every other pod. Network policies change that, but most implementations are incomplete. Here is how to build real microsegmentation in Kubernetes.

Aug 18, 20237 min read
Security Architecture

Microsegmentation for Software Supply Chain Security

Microsegmentation limits lateral movement after a breach. Applied to software supply chains, it contains the blast radius when a dependency, build tool, or vendor is compromised.

Jun 25, 20235 min read
Network Security

Network Segmentation for Development Environments: Isolating the Build Pipeline

Development environments are often the weakest link in network security. Proper segmentation isolates build systems from production and prevents lateral movement from compromised developer machines.

Oct 5, 20225 min read
zero-trust (Page 4) — Safeguard Blog