================================================================================ SAFEGUARD PRESS KIT Software Supply Chain Security — AI-Native, Self-Healing ================================================================================ COMPANY BOILERPLATE ------------------- Safeguard is the AI-native software supply chain security platform. Safeguard catches Zero Days, autonomously remediates them at 100-layer dependency depth, and ships 500K+ curated zero-CVE components so customers deploy clean. The platform serves regulated enterprises, AI-forward platform teams, critical infrastructure, medical device manufacturers, scale-ups under SOC 2, and M&A acquirers across the United States, India, EMEA, and APAC. Founded in 2024. Headquartered in Dublin, California. Email: press@safeguard.sh · hi@safeguard.sh Website: https://safeguard.sh ================================================================================ KEY MESSAGING (one-liners for headlines) ---------------------------------------- - "Safeguard & Self-Heal your software supply chain." - "500K+ zero-CVE components. 50+ Zero Days discovered. 100K+ AI remediations applied. 1M+ scans completed." - "AI-Native. Zero Day discovery. Autonomous remediation." - "100-layer reachability — 40 layers deeper than legacy SCA." - "Defense in depth, in four concentric layers, around every customer asset." ================================================================================ PLATFORM STATS (point-in-time totals, as of June 2026) ------------------------------------------------------ - 500K+ curated zero-CVE components across npm, PyPI, Maven, NuGet, Go, Rust, RubyGems, PHP, containers, and Helm - 50+ Zero Days discovered via Griffin AI reachability + taint analysis - 100K+ autonomous AI remediations applied - 1M+ cumulative scans completed - ~3 days mean time to remediate (vs typical industry baselines of weeks to months) - ~92% faster remediation vs traditional SCA workflows (typical) - ~80% fewer false positives via reachability analysis (typical) ================================================================================ PRODUCTS -------- - Griffin AI — autonomous security agent, 100-layer reachability - Aegis Architecture — model serving infrastructure for Griffin lineup - ESSCM — Enterprise Software Supply Chain Manager - SBOM Studio — ingest, slice, distribute CycloneDX + SPDX - Scanner Suite — 11 integrated scanners + enrichment feeds - TPRM — Third Party Risk Manager - Open Source Manager — registry intelligence for OSS dependencies - Auto-Fix — autonomous remediation engine - MCP Server — agent surface for Claude Code / Cursor / Cline - IaC Security — Terraform / Pulumi / Crossplane policy gates - DAST — dynamic application security testing - Safeguard Code — local agent for IDE / CLI - Safeguard Guard — runtime protection layer - Safeguard Cowork — collaboration surface for security teams - Marketplace — Gold Registry of zero-CVE artifacts GRIFFIN MODEL FAMILY -------------------- - Griffin Lite (8B) — on-prem inference, edge deployment - Griffin S (14B) — small-team triage workloads - Griffin M (32B) — standard enterprise tier - Griffin L (70B) — high-throughput, reachability + remediation - Griffin Zero (671B-MoE) — sovereign tier, deep call-graph context OTHER MODELS - Eagle (13B) — ranking + clustering, taint-path benchmarks - Lion (1B) — distilled inline model, on-device latency ================================================================================ COMPLIANCE POSTURE ------------------ - SOC 2 Type II (audit in progress) - ISO/IEC 27001:2022 (aligned) - FedRAMP HIGH Ready · IL5 GovCloud variant available - CMMC L2/L3 mappings for DoD supply chain - DORA + NIS2 control mappings (EU) - DPDP Act mapping (India) · GDPR mapping (EU) - EO 14028 / NIST SSDF self-attestation aligned ================================================================================ REGIONAL FOOTPRINT ------------------ Global — app.safeguard.sh (GA default endpoint) United States (regional tenants): - US East (Virginia · Ashburn) · US East (Ohio · Columbus) - US West (California · San Jose) · US West (Oregon · Portland) - US Central (Texas · Dallas) · US South (Georgia · Atlanta) - US Northeast (New York) · US GovCloud (FedRAMP High · IL5) India (full domestic coverage): - GIFT City (Gujarat · IFSCA · sovereign-tier financial) - Mumbai · Hyderabad · Bengaluru · Chennai · Visakhapatnam - Delhi NCR · Pune · Kolkata - India Sovereign (MeitY · CERT-In · STQC) Europe: Frankfurt · Paris · Amsterdam · Stockholm · Madrid · Milan · Warsaw · London · Zurich · Dublin Middle East: Dubai · Riyadh · Manama · Tel Aviv · Doha Asia-Pacific: Singapore · Tokyo · Osaka · Seoul · Hong Kong · Sydney · Melbourne · Auckland · Jakarta · Kuala Lumpur · Manila · Bangkok · Ho Chi Minh ================================================================================ MEDIA CONTACTS -------------- Press inquiries: press@safeguard.sh General contact: hi@safeguard.sh Sales: sales@safeguard.sh Documentation: docs@safeguard.sh Trust Center: https://safeguard.sh/security Brand assets (logos, screenshots, video): - Request via press@safeguard.sh — full kit shared as an authenticated link. LinkedIn: https://www.linkedin.com/company/safeguard-sh X / Twitter: https://x.com/safeguard_sh GitHub: https://github.com/Safeguard-sh NPM: https://www.npmjs.com/org/safeguard-sh ================================================================================ USAGE NOTES FOR JOURNALISTS --------------------------- - Capitalise the brand as "Safeguard". Not "safeguard" or "SafeGuard". - The product's AI agent is "Griffin AI" (always two words). - Quote attribution: please reach out before quoting executives so we can confirm the latest title and verify the quote in context. - The "500K+", "50+", "100K+", "1M+" figures are point-in-time totals updated monthly. The current snapshot was taken June 2026. Drill-down breakdowns are published at https://safeguard.sh/stats/. ================================================================================ Last updated: June 2026