Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Frontier model pricing is rising even as cheaper alternatives proliferate. The 2026 architectural response is multi-tier model routing — and the security implications are non-trivial.
A senior engineer's view of how DORA's ICT third-party risk management requirements are reshaping software supply chain controls across European financial services.
Nation-state supply chain tradecraft has evolved sharply since SolarWinds. We trace the 2025 to 2026 patterns, the operational signatures, and defensive implications.
Open-source LLM ecosystems hit a turning point in 2026 as supply chain incidents — backdoored fine-tunes, compromised weights, malicious adapter packages — moved from rare to recurring.
A senior engineer's view of how Australia's Essential Eight evolved through 2025 and 2026 to incorporate software supply chain expectations alongside the original mitigations.
The first enforcement window under the EU AI Act has closed. The actual pattern of enforcement looks different from the one vendors and advocacy groups predicted.
The AI Bill of Materials went from concept paper to procurement requirement in under two years. Here is what the current state of the art actually looks like.
Enterprise agent deployments have moved past pilot phase. The security patterns that have survived contact with production look different from the ones the industry was selling a year ago.
The Model Context Protocol went from a single-vendor proposal to a multi-implementation standard in under eighteen months. The security implications are still being worked out in public.
Weekly insights on software supply chain security, delivered to your inbox.