The spine is the same everywhere: three model families, eleven scanners, one policy engine, one audit log. The surface area is how engineers actually touch it — models served as an API, a desktop app, a local coding agent, IDE extensions, a CLI, an MCP server, the portal, and a marketplace. Eight ways in, one source of truth.
Each surface is its own product, but they all read the same policy, write the same audit log, and share the same SBOMs. Eight entry points, one substrate.
Griffin · Eagle · Lino served behind a stable REST API.
The three model families served behind a stable, versioned REST API. Pay per inference, or bundle into a deployment tier. The auto-router decides which Griffin variant earns the workload — Lite, S, M, L, or Zero — based on a complexity score Eagle assigns up front.
Native app for Mac, Windows, Linux. The full local control plane.
Native desktop app for Mac, Windows, and Linux. Takes full control of the local system — scans repos, runs CI-equivalent checks, executes auto-fix plans, and watches in the background for drift. Built for the engineer who wants the platform on their own machine, not behind a tab.
A local AI coding agent that already knows your supply chain.
Local AI coding agent that runs on your system, similar in spirit to Claude Code. Drives the editor, the file system, the build, and the test runner. Lino handles the hot path on-device with sub-100 ms latency; Griffin cloud-bursts for the genuinely hard reasoning that needs a real budget.
VS Code, JetBrains, Cursor. Lino at sub-100 ms.
First-party extensions for VS Code, the JetBrains family (IntelliJ, PyCharm, GoLand, WebStorm) and Cursor. Lino runs on-device for inline findings with sub-100 ms p95 latency; Griffin is available on demand when the inline answer needs deeper reasoning.
scan · sbom · fix · policy. Scriptable, air-gappable.
Eleven scanners and seven enrichment feeds behind four commands: safeguard scan, sbom, fix, policy. Output as JSON, SARIF, or CycloneDX. Pipes cleanly into any CI runner and ships as a static binary for environments that don't tolerate runtimes.
Model Context Protocol with capability scoping and egress guards.
Model Context Protocol server with per-tool capability scoping, sensitive-data egress guardrails on Lino's egress path, and a prompt audit log with cryptographic chain-of-custody. Drop-in for Claude Code, Cursor, Cline, and any custom agent that speaks MCP.
Web console for security and engineering leadership.
The web console where the org actually reads its supply-chain posture. Trend lines, SLA tracking, regulator export, evidence store. Every finding from every other surface lands here with its provenance intact — one source of truth, not one tab per tool.
Curated integrations, SBOM bundles, compliance packs.
Curated integrations for Jira, ServiceNow, Slack, Splunk, and Datadog. Verified SBOM bundles, compliance pack downloads, and customer-built workflows that drop into the platform without a services engagement.
Every surface reads the same policy, writes to the same audit log, and shares the same SBOMs. Findings move sideways without translation — the editor that surfaced a sink and the dashboard that reports the SLA are looking at the same row.
Inline findings, inline fixes, inline policy. No round trip to the cloud for the hot path.
Repo-wide sweeps, reachability ranking, deep reasoning on the survivors. The same engine, scriptable.
Findings flow through the MCP and integration mesh into the central console. Leadership reads one view.
| Surface | Where it runs | Best for | Models available | Offline? |
|---|---|---|---|---|
| Models-as-a-Service | Cloud / VPC / dedicated | Programmatic access, custom workflows | Griffin (all variants), Eagle, Lino | VPC + air-gap supported |
| Desktop Application | On-device | Engineering laptop, local control plane | Lino local · Griffin cloud-burst | Yes (with policy + DB bundle) |
| Safeguard Code | On-device | Agentic coding sessions | Lino local · Griffin cloud-burst | Yes (Lino-only mode) |
| IDE Extensions | On-device | Inline developer flow | Lino local · Griffin on demand | Yes (offline mode) |
| CLI Tool | On-device / CI runner | Pipelines, scripts, air-gapped audit | Lino · Eagle · Griffin (variant by flag) | Yes (static binary + offline DB) |
| MCP Server | Customer VPC / Safeguard cloud | Agent fleets, third-party AI clients | Lino on egress, Griffin via tool calls | VPC isolated supported |
| Portal & Dashboard | Cloud / VPC | Leadership, audit, governance | Reads from all surfaces | VPC-isolated mirror |
| Marketplace | Cloud | Integration discovery and install | n/a (delivery surface) | Manifest export for air-gap |
Pick the shape that matches your trust boundary; the surfaces stay consistent across them.
Multi-tenant inference plane, fastest onboarding. Per-tenant isolation at prompt and KV cache layer.
Single-tenant inference on isolated hardware. Deterministic latency, SHA-pinned weight attestation.
Customer-controlled VPC, BYO-KMS. The inference plane sits inside your network boundary.
No internet egress, on-prem GPU, full audit-log export. Suits regulated and classified deployments.
Software supply chain security is the whole product. The corollary is what we don't ship.
The eight surfaces converge on the same audit log. Begin in the editor, the terminal, or the dashboard — your team will meet you at the others.