Methodology
How recommendations are chosen
Each recommendation must meet all three criteria:
- Substantive why. A clear explanation of the real-world risk it addresses, with references to authoritative sources (CISA, NIST, EFF, vendor documentation).
- Concrete how. Step-by-step instructions that a non-technical person can follow, with a verifiable success check.
- Accurate platform scope. Only shown on relevant platforms; macOS-only items don't appear for Windows users.
Sources we cite
- CISA (Cybersecurity and Infrastructure Security Agency)
- NIST Digital Identity Guidelines (SP 800-63)
- EFF Surveillance Self-Defense
- Official vendor documentation (Apple, Microsoft, Google, etc.)
- Privacy Guides
What we won't recommend
- Tools with a history of security incidents or questionable business practices
- Paid tools when a free equivalent of equal quality exists
- Anything we haven't personally vetted against its claimed security properties
Review cadence
Every recommendation has a lastReviewed date. Our commitments:
- Monthly: automated broken-link check across all source citations.
- Quarterly: human review of a rotating subset; update for any tool changes, new attacks, or deprecations.
- Annual: review the wizard questions themselves — has the threat landscape shifted enough to rethink the framing?
Items last reviewed more than 12 months ago are flagged in the UI as "may be stale."
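The three criteria above and the lastReviewed staleness rule are mechanical enough to check in CI. The following is an added example, not Safehog's own code: a lint pass over a list of recommendation records that flags items lacking a why/how, a platform scope, or an authoritative citation, and marks anything reviewed more than 12 months ago as "may be stale". The record layout (id, why, how, platforms, sources, lastReviewed), the allowlist of citation domains, and the sample records are assumptions for illustration; the URLs in the sample data are placeholders, and the monthly broken-link check is out of scope here because it needs network access.

```python
"""Added example (not Safehog's own code): lint recommendation records
against the methodology.  The record layout, the citation allowlist and the
sample data below are assumptions; only the lastReviewed field and the
12-month staleness rule come from the methodology page."""
from datetime import date, timedelta
from urllib.parse import urlparse

# Domains treated as authoritative for citations (assumed list, mirroring the
# sources the methodology names).  Subdomains such as pages.nist.gov count.
AUTHORITATIVE_DOMAINS = (
    "cisa.gov", "nist.gov", "eff.org", "privacyguides.org",
    "support.apple.com", "learn.microsoft.com", "support.google.com",
)
STALE_AFTER = timedelta(days=365)  # "more than 12 months" per the page


def is_authoritative(url: str) -> bool:
    """True if the URL's host is an allowed domain or a subdomain of one.
    Suffix matching is anchored on a dot so nist.gov.evil.example fails."""
    host = (urlparse(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in AUTHORITATIVE_DOMAINS)


def lint(recs, today):
    """Return [(id, [problem, ...]), ...]; an empty list means the record
    meets all three criteria and is not stale.  `today` may be a date or an
    ISO-8601 string so the check is reproducible for a fixed reference day."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    findings = []
    for rec in recs:
        problems = []
        if not rec.get("why", "").strip():
            problems.append("missing why")
        if not rec.get("how", "").strip():
            problems.append("missing how")
        if not rec.get("platforms"):
            problems.append("no platform scope")
        if not any(is_authoritative(u) for u in rec.get("sources", [])):
            problems.append("no authoritative source citation")
        try:
            reviewed = date.fromisoformat(rec["lastReviewed"])
        except (KeyError, TypeError, ValueError):
            problems.append("missing or invalid lastReviewed")
        else:
            if today - reviewed > STALE_AFTER:
                problems.append("may be stale")
        findings.append((rec["id"], problems))
    return findings


def visible_on(recs, platform: str):
    """IDs that should be shown to a user on the given platform."""
    return [r["id"] for r in recs if platform in r.get("platforms", [])]


# Constructed sample records; the URLs are placeholders, not real citations.
SAMPLE_RECOMMENDATIONS = [
    {"id": "filevault", "why": "Protects data on a lost or stolen laptop.",
     "how": "System Settings > Privacy & Security > FileVault > Turn On.",
     "platforms": ["macos"],
     "sources": ["https://support.apple.com/guide/example"],
     "lastReviewed": "2024-09-15"},
    {"id": "passkeys", "why": "Phishing-resistant sign-in.",
     "how": "Enable passkeys in each account's security settings.",
     "platforms": ["windows", "macos", "ios", "android"],
     "sources": ["https://pages.nist.gov/800-63-4/"],
     "lastReviewed": "2023-06-01"},
    {"id": "weak-item", "why": "Some reason.", "how": "Some steps.",
     "platforms": [],
     "sources": ["https://example.com/blog-post"],
     "lastReviewed": "2024-12-01"},
]

if __name__ == "__main__":
    for rec_id, problems in lint(SAMPLE_RECOMMENDATIONS, date.today()):
        print(rec_id, "OK" if not problems else "; ".join(problems))
```

Run against a fixed reference day, the sample yields a clean "filevault", a stale "passkeys", and a "weak-item" that fails on platform scope and citation. Wiring this into the pull-request checks would enforce the "at least one authoritative source citation" rule for contributions automatically.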
Contributing
Safehog is open source. If you spot a mistake, outdated step, or missing recommendation, open a pull request or issue on GitHub. All additions require at least one authoritative source citation.