What's new in Safeguard.

Griffin Zero (671B-MoE) general availability for Sovereign deployments.

• Griffin Zero now available in Sovereign and Air-Gapped deployment tiers, with documented multi-GPU sizing from 11x H100 (Growth) to 22x H100 multi-AZ (Mature).
• Long-context retrieval gates pre-rank call-graph chunks before attention — 18% reduction in time-to-first-token at 256k context.
• Adversarial disproof pass now runs in parallel with the main reasoning head; end-to-end p95 latency for a Griffin Zero verdict drops to ~12s.
• Reasoning trace format gains an explicit DISPROOF ATTEMPT field — every finding ships with the refutation the model tried and failed.

Eagle ranking-head v2 — 12% precision uplift on cross-package taint paths.

• Eagle's clustering head retrained on a larger labelled taint-path dataset; top-5 candidate-path recall now at 94%.
• p95 sweep latency on a 5k-package monorepo: 420ms (was 510ms).
• Eagle now emits a confidence score per candidate path — Griffin routes only above-threshold candidates by default.
• INT8 quantisation pipeline for Eagle published — cost-per-scan on shared cloud tiers drops 22%.

Lion in JetBrains and Cursor (in addition to VS Code).

• JetBrains plugin (IntelliJ IDEA, PyCharm, GoLand, WebStorm) ships with the Lion 1B inline model bundled.
• Cursor extension now mirrors the VS Code feature surface — on-save scan, hover enrichment, one-click safe upgrade.
• Lion weights now ship as signed sigstore bundles; the IDE extension verifies on install and refuses an unsigned weight file.
• Sub-100ms p95 maintained on M-series Apple Silicon and recent x86 GPU laptops.

MCP Server — per-tool capability scoping and sensitive-data egress guardrails GA.

• Capability scoping per tool: read-only, sandboxed-write, ephemeral-write, and full-write modes selectable per agent identity.
• Inline output scanning for PII, secrets, and proprietary code patterns — backed by Lion on the egress path.
• Cryptographic chain-of-custody on every tool call: prompt, tool name, arguments, output hash, policy decision.
• Drop-in compatibility verified against Claude Code, Cursor, Cline, and the OpenAI Agents SDK.

Eleventh scanner added — SCC (Source Code Complexity).

• SCC integrated as the 11th scanner. Complexity and churn metrics fold into the Eagle ranking signal.
• Cross-scanner dedup now also collapses findings by (component, function, sink) when SCC indicates the same code-path is responsible.
• New triage view in the console: surface high-complexity files where Griffin found a recently-introduced taint flow.

DORA and NIS2 compliance packs released.

• Pre-mapped control narratives for DORA (Digital Operational Resilience Act) and NIS2.
• Continuous evidence collection — auditor view shows live posture, not point-in-time PDFs.
• One-click export packages signed SBOM, VEX, and provenance for each in-scope service.
• Vendor concentration heatmap added to TPRM for DORA Article 28 third-party risk reporting.

SARIF and CycloneDX export updated to spec v1.6.

• CycloneDX 1.6 supported on both ingest and export, including the new licensing model and vulnerability-affects fields.
• SARIF output gains structured Griffin reasoning traces under the standard properties bag.
• Backwards-compatible export of CycloneDX 1.5 and 1.4 retained for older consumers.

Air-gapped offline vulnerability DB sync — delta sync instead of full pull.

• Air-gapped customers can now sync NVD, OSV, EPSS, KEV, and GHSA deltas via approved one-way conduits without pulling the full archive each time.
• Sync conduit format documented (CycloneDX-style envelope + sigstore signature) so customers can write their own ingestion if needed.
• Full release SBOM, VEX, and provenance now bundled with every air-gapped sync drop.