Safeguard
Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

All (117)AI Security (384)DevSecOps (197)Best Practices (175)Open Source Security (154)Vulnerability Analysis (117)Incident Analysis (114)Industry Analysis (107)Compliance (100)Application Security (97)Regulatory Compliance (89)Container Security (89)Cloud Security (70)Vulnerability Management (70)Software Supply Chain Security (65)Supply Chain Attacks (54)Threat Intelligence (47)SBOM (41)Product (35)Tools (32)SBOM & Compliance (30)Supply Chain Security (25)Ransomware (24)Infrastructure Security (23)Regulation (20)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Agent Security (16)Vulnerability Response (16)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Supply Chain (12)Frameworks (12)Data Breach (11)Dependency Security (11)Web Security (11)Open Source (9)Kubernetes Security (9)Company (8)Standards (8)Architecture (8)Industry Insights (7)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Vendor Comparison (6)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Breach Analysis (5)Code Security (5)Cryptocurrency Security (4)Tool Comparison (4)Mobile Security (4)Product Launch (4)Policy (4)Offensive Security (4)Tool Comparisons (4)Healthcare Security (3)Social Engineering (3)Build Security (3)Industry (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Hardware Security (3)Identity Security (2)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)DeFi Security (2)Incident Postmortem (1)Technical (1)Healthcare (1)Events (1)Product Update (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Credential Attacks (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed
Vulnerability Analysis

ServiceNow CVE-2024-4879: Remote Code Execution via Jelly Template Injection

Critical RCE vulnerabilities in ServiceNow were chained together for unauthenticated access, with active exploitation observed within days of disclosure.

Jul 10, 20246 min read
Vulnerability Analysis

regreSSHion: CVE-2024-6387 OpenSSH Remote Code Execution

A regression in OpenSSH's signal handler reintroduced a vulnerability from 2006, enabling unauthenticated remote code execution on glibc-based Linux systems. Here's what you need to know.

Jul 1, 20246 min read
Vulnerability Analysis

Check Point VPN Zero-Day CVE-2024-24919: Information Disclosure Under Active Exploitation

A critical information disclosure vulnerability in Check Point VPN products allowed attackers to read sensitive files including password hashes, enabling lateral movement into enterprise networks.

May 28, 20245 min read
Vulnerability Analysis

GitHub Enterprise Server CVE-2024-4985: SAML Authentication Bypass

A critical authentication bypass in GitHub Enterprise Server allowed attackers to forge SAML responses and gain administrator access to self-hosted GitHub instances without any credentials.

May 20, 20245 min read
Vulnerability Analysis

Palo Alto PAN-OS Zero-Day CVE-2024-3400: Command Injection in GlobalProtect

A critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProtect feature was exploited as a zero-day, giving attackers root access to firewalls protecting enterprise networks.

Apr 12, 20245 min read
Vulnerability Analysis

Kubernetes CVE-2024-3177: Bypassing Mountable Secrets Policy

A medium-severity Kubernetes vulnerability allowed pods to access secrets they should not have been able to mount, undermining RBAC-based secret isolation in multi-tenant clusters.

Mar 10, 20245 min read
Vulnerability Analysis

Ivanti Connect Secure Zero-Day: CVE-2024-21887 and CVE-2023-46805 Exploited in the Wild

Two chained zero-days in Ivanti Connect Secure VPN appliances gave attackers unauthenticated remote code execution. Here's what happened and why perimeter devices remain a favorite target.

Jan 10, 20245 min read
Vulnerability Analysis

Apache OFBiz CVE-2023-51467: Authentication Bypass in Enterprise Resource Planning

CVE-2023-51467 bypassed a previous patch for an authentication flaw in Apache OFBiz, granting unauthenticated access to ERP functionality. A patch bypass that exposed critical business data.

Dec 26, 20236 min read
Vulnerability Analysis

Apache Struts CVE-2023-50164: Critical File Upload RCE Echoes Equifax-Era Nightmares

A critical path traversal vulnerability in Apache Struts allowed RCE through file upload manipulation. The disclosure triggered flashbacks to the 2017 Equifax breach caused by a similar Struts flaw.

Dec 7, 20236 min read
Page 8 of 13

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard — Software Supply Chain Security Insights