Releases, research, customer milestones, and the occasional company update. We post here when something meaningful ships. We do not post here to fill a content calendar.
The May refresh of Griffin L closes the gap on reachability analysis for transitive dependencies. Across our internal eval suite, false positives dropped 30 percent without a regression on recall. The adversarial disproof head was retrained on a larger corpus of refuted candidates pulled from the last two quarters of production traces.
ReadOne of our largest deployments reached a milestone of one million autonomously applied fixes across their monorepo this quarter. Average time from finding to merged patch dropped from 11 days to 3 hours. The customer has asked to remain unnamed; the case study walks through the rollout pattern in detail.
ReadA short paper describing the trace-attestation format that every Griffin response is emitted with. The format is open, the verifier is open source, and the goal is to make AI-generated security findings independently reproducible by any downstream consumer. Feedback from the standards community is welcome.
ReadWe have expanded the leadership team with a new Head of Sovereign Deployments to scale the air-gapped and classified offerings that customers in defence and public-sector verticals depend on. The role reports to the CTO and is based out of the Dublin office.
ReadPolicies, guardrails, and remediation recipes can now be published, versioned, and consumed through the Marketplace. Every contribution is signed, reviewed, and provenance-tracked. The first wave includes 40 community-authored policies covering supply chain, AI safety, and licensing.
ReadOur research team analysed five years of zero-day disclosures across npm, PyPI, Maven, and Go modules. The paper proposes a small change to the default disclosure embargo that reduces exploitation windows by an average of 18 days. The data set is open for reproduction.
ReadThe Eagle family now handles compound policy reasoning across multi-jurisdiction compliance frameworks. The release includes a new evaluation suite covering NIS2, DORA, and the EU AI Act, with published scores on every benchmark.
ReadAegis, the air-gapped variant of the platform, reached 500 production deployments across public-sector and regulated customers this month. The release notes for the underlying appliance build are published in the changelog, including the SBOM for the appliance itself.
ReadSubscribe to the RSS feed for everything. Or drop your email and we will send a short monthly digest with the releases and research that matter. No marketing copy, no upsell, no sharing.
Send a note to news@safeguard.sh and we will add you to the monthly digest list.
Where to go for longer-form writing, press resources, and the technical changelog.