Safeguard
Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

All (7)AI Security (384)DevSecOps (197)Best Practices (175)Open Source Security (154)Vulnerability Analysis (117)Incident Analysis (114)Industry Analysis (107)Compliance (100)Application Security (97)Regulatory Compliance (89)Container Security (89)Cloud Security (70)Vulnerability Management (70)Software Supply Chain Security (65)Supply Chain Attacks (54)Threat Intelligence (47)SBOM (41)Product (35)Tools (32)SBOM & Compliance (30)Supply Chain Security (25)Ransomware (24)Infrastructure Security (23)Regulation (20)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Agent Security (16)Vulnerability Response (16)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Supply Chain (12)Frameworks (12)Data Breach (11)Dependency Security (11)Web Security (11)Open Source (9)Kubernetes Security (9)Company (8)Standards (8)Architecture (8)Industry Insights (7)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Vendor Comparison (6)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Breach Analysis (5)Code Security (5)Cryptocurrency Security (4)Tool Comparison (4)Mobile Security (4)Product Launch (4)Policy (4)Offensive Security (4)Tool Comparisons (4)Healthcare Security (3)Social Engineering (3)Build Security (3)Industry (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Hardware Security (3)Identity Security (2)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)DeFi Security (2)Incident Postmortem (1)Technical (1)Healthcare (1)Events (1)Product Update (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Credential Attacks (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed
How-To Guide

Building a Security Champions Program

A step-by-step guide to launching a security champions program that scales your security team's influence across engineering without hiring a dozen new AppSec engineers.

Feb 28, 20247 min read
How-To Guide

Automated Security Testing in CI/CD Pipelines

A hands-on guide to embedding SAST, SCA, secret scanning, and container analysis into your CI/CD pipeline without making builds unbearably slow.

Jul 22, 20236 min read
How-To Guide

Securing Your Private Package Registry

Private package registries are high-value targets for supply chain attackers. Here is how to lock them down, from access controls to dependency confusion prevention.

May 30, 20236 min read
How-To Guide

Automating Vulnerability Remediation: A Practical Guide

Stop drowning in CVE backlogs. Learn how to build automated remediation workflows that fix vulnerabilities faster without burning out your engineering team.

Nov 8, 20226 min read
How-To Guide

Setting Up Pre-Commit Security Hooks

Catch secrets, vulnerable patterns, and misconfigurations before they reach your repository with pre-commit hooks that developers will actually keep enabled.

Oct 12, 20226 min read
How-To Guide

Setting Up Dependency Scanning on GitHub

A hands-on walkthrough for configuring automated dependency scanning in your GitHub repositories, from Dependabot alerts to custom CI workflows.

Aug 22, 20226 min read
How-To Guide

How to Create Your First SBOM

A practical, step-by-step guide to generating your first Software Bill of Materials using open-source tools and integrating it into your development workflow.

Jul 5, 20225 min read

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard — Software Supply Chain Security Insights