Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

Filter

All (8)AI Security (384)DevSecOps (197)Best Practices (175)Open Source Security (154)Vulnerability Analysis (117)Incident Analysis (114)Industry Analysis (107)Compliance (100)Application Security (97)Regulatory Compliance (89)Container Security (89)Cloud Security (70)Vulnerability Management (70)Software Supply Chain Security (65)Supply Chain Attacks (54)Threat Intelligence (47)SBOM (41)Product (35)Tools (32)SBOM & Compliance (30)Supply Chain Security (25)Ransomware (24)Infrastructure Security (23)Regulation (20)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Agent Security (16)Vulnerability Response (16)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Supply Chain (12)Frameworks (12)Data Breach (11)Dependency Security (11)Web Security (11)Open Source (9)Kubernetes Security (9)Company (8)Standards (8)Architecture (8)Industry Insights (7)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Vendor Comparison (6)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Breach Analysis (5)Code Security (5)Cryptocurrency Security (4)Tool Comparison (4)Mobile Security (4)Product Launch (4)Policy (4)Offensive Security (4)Tool Comparisons (4)Healthcare Security (3)Social Engineering (3)Build Security (3)Industry (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Hardware Security (3)Identity Security (2)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)DeFi Security (2)Incident Postmortem (1)Technical (1)Healthcare (1)Events (1)Product Update (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Credential Attacks (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed

Vulnerability Management

Linguistic Lumberjack: lessons from Fluent Bit CVE-2024-4323

Tenable's Linguistic Lumberjack flaw in Fluent Bit's monitoring API was a heap corruption with a wide blast radius because observability sidecars are everywhere and rarely inventoried.

May 13, 20266 min read

AI Security

LLM Traces and Evals: The Missing Layer in AI Supply Chain Security

Prompt traces and offline evals are standard hygiene for ML teams, but almost nobody treats them as supply chain telemetry. They should be. Here's how traces and evals plug into SBOM and reachability as a fourth security signal.

Apr 8, 20267 min read

Industry Analysis

Azure Monitor for Supply Chain Observability

Supply chain observability in Azure is not missing telemetry — it is missing the right queries. A walk through the Azure Monitor data sources that actually answer the hard questions.

Nov 22, 20248 min read

Industry Analysis

Grafana Loki for Build Pipeline Logs: Patterns That Scale

Design a Loki-based log pipeline for CI/CD observability and supply chain forensics. Labels, retention, LogQL patterns, and cost discipline from the field.

Nov 12, 20247 min read

Industry Analysis

Datadog Security for Supply Chain Monitoring

Using Datadog's Cloud SIEM, ASM, and logs pipeline to monitor software supply chain threats across CI/CD, registries, and runtime.

Sep 8, 20247 min read

Industry Analysis

New Relic Security: Building a Supply Chain View

How to extend New Relic's APM and Vulnerability Management features into a working software supply chain dashboard for security and platform teams.

Aug 15, 20247 min read

Industry Analysis

Sumo Logic for Supply Chain Observability: A Practitioner's Guide

Architect Sumo Logic dashboards, queries, and anomaly detection for software supply chain visibility across SCM, CI/CD, registries, and cloud runtime.

May 22, 20247 min read

Industry Trends

When Observability Meets Security: The Convergence That Changes Everything

Observability and security have operated in silos for too long. Their convergence creates capabilities that neither could achieve alone.

Oct 5, 20236 min read

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.