Cloud Security
Azure Defender for Containers: Getting Real Security Value
How to configure and operationalize Microsoft Defender for Containers for ACR scanning, AKS runtime protection, and CI/CD integration.
Jan 15, 20237 min read
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
How to configure and operationalize Microsoft Defender for Containers for ACR scanning, AKS runtime protection, and CI/CD integration.
A deep dive into ECR scanning options, from basic Clair scanning to enhanced Inspector integration, and what most teams get wrong.
How to lock down your Azure DevOps pipelines against supply chain attacks, credential leaks, and unauthorized deployments.
Server-Side Request Forgery is especially dangerous in cloud environments where metadata services expose credentials and configuration. This guide covers SSRF exploitation techniques and defenses specific to AWS, GCP, and Azure.
IaC scanning catches misconfigurations before they reach production. This guide covers tools, techniques, and integration patterns for Terraform, CloudFormation, and Kubernetes.
A deep look at Amazon Inspector v2 for container scanning, its improvements over v1, and how to get the most out of it.
A practical guide to securing your software supply chain on AWS, from ECR image provenance to CodePipeline hardening.
A critical vulnerability in Azure Cosmos DB allowed any user to gain full admin access to other customers' database instances, exposing data from thousands of organizations including Fortune 500 companies.
Weekly insights on software supply chain security, delivered to your inbox.