Industry Analysis
Homomorphic Encryption in Software Supply Chains
A grounded look at BFV, CKKS, and TFHE schemes for supply chain workloads, measured costs, library choices, and where HE is not yet practical.
Dec 22, 20255 min read
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
A grounded look at BFV, CKKS, and TFHE schemes for supply chain workloads, measured costs, library choices, and where HE is not yet practical.
From AI-generated SBOMs to regulatory enforcement and the death of CVSS-only triage, here is what the software security landscape will look like in 2026.
The 2025 annual SSCS report lands into a changed landscape. Key findings, trend lines, and what the numbers actually imply for 2026 planning.
From the CVE program funding crisis to the rise of AI-targeted supply chain attacks, 2025 reshaped the software security landscape. A comprehensive look at the year's defining events and trends.
A data-led look at software supply chain attacks in Q3 2025: npm maintainer phishing, VS Code extension abuse, and a quiet shift toward CI/CD targeting.
How to build a budget case for a supply chain security program that survives CFO scrutiny, with dollar-denominated risk, benchmarks, and staged investment tiers.
The CVE program nearly lost its funding in early 2025, exposing deep structural risks in how we track vulnerabilities. Here is what happened and where we go from here.
A field-tested board-level metrics framework for supply chain security, covering MTTR, reachable risk, SBOM coverage, and vendor posture with dollar-tied targets.
An analysis of the state of open-source security in 2025. Critical infrastructure runs on projects maintained by small, often unpaid teams. Here is what the data shows and why it matters.
Weekly insights on software supply chain security, delivered to your inbox.