Two Years of Item 1.05: What the Notable 8-K Filings Tell Us
From UnitedHealth to AT&T to Snowflake's downstream effects, two years of Item 1.05 filings reveal patterns in materiality, vendor incidents, and update cadence.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Vulnerability Exploitability eXchange documents promise to reduce alert fatigue by distinguishing exploitable vulnerabilities from theoretical ones. Here is how enterprises are actually using them.
A comprehensive look at GitHub's evolving supply chain security toolkit, from Dependabot to code scanning, and how these features are reshaping how developers manage dependency risk.
How Shopify built a supply chain security program that protects millions of merchants while maintaining the development velocity that e-commerce demands.
How Netflix manages security across hundreds of open-source projects and thousands of internal dependencies while maintaining the velocity that streaming demands.
How Cloudflare secures the software supply chain for infrastructure that sits between the internet and millions of websites, with lessons on Rust adoption and edge computing security.
How Uber rebuilt its security program after the 2016 data breach and the 2022 Lapsus$ compromise, with hard-won lessons about security culture and supply chain controls.
How Microsoft rebuilt its security posture after years of high-profile incidents, implementing supply chain controls that now protect one of the world's largest software ecosystems.
How Stripe secures its software dependencies while processing billions of dollars in payments, with a focus on Ruby ecosystem hardening and dependency isolation.