Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
MongoDB disclosed unauthorized access to its corporate systems in December 2023, exposing customer metadata and contact information while Atlas cluster data remained secure.
Okta disclosed that attackers used stolen credentials to access its customer support system, downloading HAR files containing session tokens for multiple customers.
Your incident response plan is untested until people have walked through it under pressure. Here is how to design and run tabletop exercises that actually prepare your team for supply chain compromises.
The MOVEit breach became one of the largest data theft incidents in history. Here's an assessment of the damage and what organizations should learn.
A bug in ChatGPT exposed user chat histories and payment information. Here's what happened and what it means for AI service security.
GitHub's accidental exposure of its private RSA SSH host key in a public repository forced an emergency rotation affecting millions of developers.
GitHub rotated its RSA SSH host key after accidental exposure. A small mistake with major supply chain implications for every Git-based workflow.
Supply chain attacks break your standard IR playbook. The compromise originates outside your perimeter, affects trusted software, and the blast radius is unknown. Here's how to adapt.
Attackers phished Dropbox employees by impersonating CircleCI, gaining access to 130 private GitHub repos containing internal code and credentials.
Weekly insights on software supply chain security, delivered to your inbox.