Safeguard.sh
Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

All (126)AI Security (294)DevSecOps (153)Open Source Security (132)Best Practices (126)Vulnerability Analysis (98)Incident Analysis (83)Industry Analysis (80)Application Security (73)Compliance (68)Container Security (64)Software Supply Chain Security (51)Vulnerability Management (47)Regulatory Compliance (42)Threat Intelligence (41)Supply Chain Attacks (36)Product (35)Cloud Security (35)SBOM (34)Supply Chain Security (25)Ransomware (21)Infrastructure Security (20)SBOM & Compliance (19)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Dependency Security (11)Web Security (11)Kubernetes Security (9)Company (8)Architecture (8)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Data Breach (7)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Open Source (5)Breach Analysis (5)Code Security (5)Product Launch (4)Offensive Security (4)Tool Comparisons (4)Build Security (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Mobile Security (3)Hardware Security (3)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)Social Engineering (2)DeFi Security (2)Cryptocurrency Security (2)Technical (1)Healthcare (1)Events (1)Frameworks (1)Product Update (1)Standards (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Healthcare Security (1)Credential Attacks (1)Identity Security (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed
Best Practices

Azure App Service Deployment Security

App Service deployments are easy, which is the problem. A look at the deployment paths, credential surfaces, and hardening steps that matter for production workloads.

Oct 10, 20248 min read
Best Practices

GCP Pub/Sub Security Configuration

A working security configuration for GCP Pub/Sub: topic and subscription IAM, message encryption, VPC Service Controls, dead-letter handling, and the failure modes that turn a messaging layer into an attack surface.

Oct 2, 20247 min read
Best Practices

Doppler Enterprise Secrets Platform Reviewed

Doppler pitches itself as the secrets platform that gets out of developers' way. A detailed look at what works, what does not, and the trade-offs against Vault, Infisical, and the cloud-native options.

Sep 22, 20247 min read
Best Practices

Fastify Security Posture in 2024

Fastify hit version 5.0 in September 2024 with a slimmer core, a plugin model that encourages correctness, and a security track record that genuinely distinguishes it from the Express crowd. Here is what I have learned auditing Fastify apps this year.

Sep 20, 20247 min read
Best Practices

Database Platform Migration: Supply Chain

Database migrations touch every part of the software supply chain. This guide covers how to keep schemas, secrets, and data lineage secure during a platform change.

Sep 18, 20247 min read
Best Practices

Build Server Compromise Investigation

A hands-on investigation guide for compromised build servers, from initial containment through rootkit checks and clean rebuild.

Aug 28, 20247 min read
Best Practices

Legacy COBOL Supply Chain Modernization: A Pragmatic Playbook

Modernize the supply chain around COBOL systems without rewriting them. Build provenance, SBOMs, and policy gates for mainframe code that is not going anywhere.

Aug 28, 20247 min read
Best Practices

CyberArk Conjur for Enterprise Secrets Management

Where Conjur fits in 2024 for enterprise secrets management, what it does well, where it hurts, and how to roll it out without drowning the platform team.

Aug 25, 20247 min read
Best Practices

Incident Response Playbook: Supply Chain Compromise

A step-by-step playbook for responding to upstream dependency, build system, and vendor compromises, including roles, timelines, and stakeholder communications.

Aug 19, 20246 min read
Page 8 of 14

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard.sh — Software Supply Chain Security Insights