Safeguard.sh
Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

Filtering by tag:#post-quantum5 articles
All (5)AI Security (294)DevSecOps (153)Open Source Security (132)Best Practices (126)Vulnerability Analysis (98)Incident Analysis (83)Industry Analysis (80)Application Security (73)Compliance (68)Container Security (64)Software Supply Chain Security (51)Vulnerability Management (47)Regulatory Compliance (42)Threat Intelligence (41)Supply Chain Attacks (36)Product (35)Cloud Security (35)SBOM (34)Supply Chain Security (25)Ransomware (21)Infrastructure Security (20)SBOM & Compliance (19)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Dependency Security (11)Web Security (11)Kubernetes Security (9)Company (8)Architecture (8)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Data Breach (7)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Open Source (5)Breach Analysis (5)Code Security (5)Product Launch (4)Offensive Security (4)Tool Comparisons (4)Build Security (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Mobile Security (3)Hardware Security (3)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)Social Engineering (2)DeFi Security (2)Cryptocurrency Security (2)Technical (1)Healthcare (1)Events (1)Frameworks (1)Product Update (1)Standards (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Healthcare Security (1)Credential Attacks (1)Identity Security (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed
Best Practices

Post-Quantum Signing: An Artifact Migration Plan

A concrete migration plan for artifact signing from ECDSA to ML-DSA and SLH-DSA, covering Sigstore, Notary, HSMs, and staged hybrid rollouts.

Mar 5, 20265 min read
Software Supply Chain Security

Post-Quantum Cryptography Migration for Software Supply Chains

NIST finalized ML-KEM, ML-DSA, and SLH-DSA in 2024. Here's what it means for Sigstore, package registry signing, TLS, and the harvest-now-decrypt-later problem.

Feb 28, 20267 min read
Standards

Cryptographic Bill of Materials (CBOM): The Next Frontier

Post-quantum cryptography migration requires knowing what cryptographic algorithms your software uses. CBOMs provide that inventory. Here is what they are and why they matter.

Nov 10, 20247 min read
Emerging Technology

Post-Quantum Cryptography Transition: A Practical Guide for Engineering Teams

NIST has finalized its post-quantum standards. Here's a hands-on guide for engineering teams beginning the migration from classical to quantum-resistant cryptography.

Mar 22, 20245 min read
Emerging Technology

Quantum Computing and the Coming Cryptography Crisis in Supply Chains

Quantum computers threaten the cryptographic foundations of software supply chains. The time to prepare is now, not when quantum advantage arrives.

Jun 20, 20235 min read

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard.sh — Software Supply Chain Security Insights