Safeguard.sh
Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

Filtering by tag:#policy9 articles
All (9)AI Security (294)DevSecOps (153)Open Source Security (132)Best Practices (126)Vulnerability Analysis (98)Incident Analysis (83)Industry Analysis (80)Application Security (73)Compliance (68)Container Security (64)Software Supply Chain Security (51)Vulnerability Management (47)Regulatory Compliance (42)Threat Intelligence (41)Supply Chain Attacks (36)Product (35)Cloud Security (35)SBOM (34)Supply Chain Security (25)Ransomware (21)Infrastructure Security (20)SBOM & Compliance (19)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Dependency Security (11)Web Security (11)Kubernetes Security (9)Company (8)Architecture (8)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Data Breach (7)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Open Source (5)Breach Analysis (5)Code Security (5)Product Launch (4)Offensive Security (4)Tool Comparisons (4)Build Security (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Mobile Security (3)Hardware Security (3)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)Social Engineering (2)DeFi Security (2)Cryptocurrency Security (2)Technical (1)Healthcare (1)Events (1)Frameworks (1)Product Update (1)Standards (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Healthcare Security (1)Credential Attacks (1)Identity Security (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed
Architecture

Safeguard Policy Evaluation Engine

How Safeguard's policy engine evaluates thousands of rules per artifact with predictable latency — the compiler, the cache layer, and the decision trail.

Feb 8, 20268 min read
Container Security

K8s Admission Controllers for Supply Chain Policy

How to design Kubernetes admission controllers that enforce supply chain policy without turning every deploy into a 30-minute argument with the cluster.

Jan 13, 20266 min read
Container Security

Service Mesh for Supply Chain Policy Enforcement

Using Istio, Linkerd, and Cilium service mesh to enforce signed-artifact, SPIFFE identity, and provenance-aware policy in production clusters.

May 24, 20255 min read
Container Security

GCP Binary Authorization Policy Patterns

Policy design patterns for GCP Binary Authorization that hold up in production: attestor topology, exception handling, continuous validation, and the shapes that stop a deploy-time compromise without blocking legitimate rollouts.

Sep 28, 20247 min read
Policy & Compliance

Executive Order 14028, Three Years Later: Progress, Gaps, and What Comes Next

Three years after the landmark cybersecurity executive order, SBOM adoption is growing but uneven, secure development attestation is rolling out, and the gap between policy and practice remains wide.

May 12, 20245 min read
Policy & Compliance

CISA's Secure by Design Pledge: Voluntary Commitments with Real Teeth

CISA launched a voluntary pledge asking software manufacturers to commit to specific security improvements. Over 100 companies signed. Here is what the pledge actually requires and whether it matters.

Apr 10, 20246 min read
Policy & Compliance

Software Liability in 2024: The Shift From Caveat Emptor to Vendor Accountability

Governments worldwide are moving to hold software vendors liable for security failures. Here is what the shifting liability landscape means for software producers and consumers.

Mar 5, 20245 min read
Best Practices

Open Source Policy Template for Enterprises

A practical template for crafting an enterprise open-source usage policy that balances developer freedom with security and compliance requirements.

Oct 20, 20226 min read
Container Security

Kubernetes Admission Controllers for Supply Chain Policy

Admission controllers are the only Kubernetes enforcement point that sees every workload before it runs. That makes them the right place to enforce image provenance, signing, and SBOM policies.

Sep 18, 20226 min read

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard.sh — Software Supply Chain Security Insights