A Taxonomy of Open Source Supply Chain Attacks
Supply chain attacks on open source come in distinct flavors. Understanding the taxonomy helps defenders prioritize controls and recognize threats before they reach production.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Supply chain attacks break your standard IR playbook. The compromise originates outside your perimeter, affects trusted software, and the blast radius is unknown. Here's how to adapt.
Browser extensions have become a prime target for supply chain attackers. With access to browsing data, credentials, and session tokens, a compromised extension is a skeleton key to your organization.
When a critical dependency is compromised or disappears, can your business keep running? Most organizations haven't answered this question honestly.
By mid-2022, supply chain attacks had surged 742% over the previous three years. Here's the data, the trends, and what defenders need to know.
The first quarter of 2022 saw a surge in npm malware — from protestware to dependency confusion to credential-stealing packages. Here's a roundup of the most significant incidents and emerging trends.