DEF CON 33 Software Supply Chain Sessions Recap
DEF CON 33 brought hacker-energy attention to package ecosystems, CI/CD abuse, and AppSec Village. Here is what supply chain defenders should take home.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
How SBOM adoption differs across finance, healthcare, public sector, manufacturing, and tech in 2026, where the real operational usage is, and where it stalls.
Manual patching is a losing race against the rate of new vulnerabilities. Autonomous remediation is not a future technology — it is the only workflow that keeps pace with modern supply chains.
Black Hat USA 2025 highlighted AI-generated code risks, build system attacks, and the maturation of SBOM tooling. Here is what mattered for supply chain teams.
A senior-engineer view of where software supply chain security stands in 2026: what's changed, what's stuck, and where budgets, regulations, and attacker tactics converge.
Scanners generate findings. Programs produce outcomes. After a decade of dashboards and CVE counts, it is time to admit the gap between the two is the actual security problem.
From AI-generated code risks to regulatory enforcement, these are the supply chain security trends that will shape the year ahead.
Where zk-SNARKs, STARKs, and Bulletproofs actually fit in software supply chain attestation, and where conventional signatures remain the correct choice.
SBOM adoption has grown rapidly, but maturity varies wildly. Here's where the industry actually stands heading into 2026.