Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Most organizations know they should care about software supply chain security, but few have a structured way to assess their maturity. A practical framework for evaluating and improving your posture.
From the US Executive Order to the EU Cyber Resilience Act, SBOM requirements are becoming law. Here is where things stand in 2025 and what organizations need to do to comply.
Safeguard 5.0 introduces Griffin AI, expanded SBOM analysis, and a redesigned policy engine. Here is what is new and why it matters for your security program.
Six tools generate SBOMs from Java projects. They disagree on transitive depth, license fields, and licensing of their own output. A head-to-head.
23 NYCRR Part 500 was amended in 2023 with stronger third-party and vulnerability management language. For covered financial entities, SBOM practice has quietly become a compliance expectation.
Zero trust is not just a network architecture concept. Applied to the software supply chain, it fundamentally changes how organizations verify code, dependencies, and build processes.
The SCA market is maturing fast, with acquisitions, AI-powered analysis, and SBOM mandates reshaping the competitive landscape and what buyers should expect.
We scored 1,200 production SBOMs in 2024 across CycloneDX and SPDX. The quality distribution is worse than advertised and we have the numbers.
CISA releases updated guidance on SBOM sharing practices, addressing the full lifecycle from generation to consumption across supplier and buyer relationships.
Weekly insights on software supply chain security, delivered to your inbox.