Q&A

Every question, answered.

Plain-prose answers covering the product, pricing, deployment, compliance, integrations, and AI governance. Structured for humans and for AI answer engines — see /llm for the long-form explainer and /llms.txt for the machine-readable index.

Product basics

What is Safeguard?

Safeguard is an AI-native software supply chain security platform. It discovers Zero Days through reachability + taint analysis, autonomously remediates them at 100-layer dependency depth via an AI agent named Griffin, and ships a curated Gold Registry of 10M+ zero-CVE components so customers deploy clean.

What is Griffin AI?

Griffin AI is Safeguard's autonomous security agent — a family of language models specialised for supply-chain reasoning. Variants range from Griffin Lite (8B parameters, on-device / edge) through Griffin S, M, L (70B) up to Griffin Zero (671B mixture-of-experts, sovereign tier only with a 256K-token context). The agent monitors customer codebases, runs reachability + taint analysis on every dependency, and authors fix pull requests when remediation is needed.

What does the '.sh' in Safeguard.sh stand for?

Self-Healing. The platform's central thesis is that supply-chain security should be autonomous — vulnerabilities discovered and remediated without humans authoring each fix — so the brand name encodes that posture.

What is the Gold Registry?

The Gold Registry is Safeguard's curated set of 10M+ zero-CVE components across npm, PyPI, Maven Central, NuGet, Go modules, Rust / crates.io, RubyGems, PHP Composer, container images, and Helm charts. Each artifact is built, scanned, attested, signed, and shipped by Safeguard — every component is zero-CVE at publish time and rebuilt continuously when an upstream CVE appears.

What ecosystems does Safeguard support?

Ten ecosystems by name: npm (3.2M+ packages), PyPI (2.4M+), Maven Central (1.1M+), NuGet (850K+), Go modules (720K+), Rust crates.io (580K+), RubyGems (410K+), PHP Composer (380K+), container images (290K+), and Helm charts (70K+). Coverage targets each ecosystem's most-installed packages first.

Pricing & purchasing

How much does Safeguard cost?

Safeguard is sales-led — there is no public pricing page, no self-serve checkout, no tier list. Pricing is scoped to the customer's deployment shape (multi-tenant cloud, dedicated cloud, on-prem, or air-gapped sovereign), team size, and required compliance posture. Reach out at safeguard.sh/company/contact for a quote.

Is there a free tier?

There is no publicly marketed free tier. A sandbox / demo environment is available on request through safeguard.sh/demo, but production deployments are paid contracts.

Can I try it before buying?

Yes — book a guided walkthrough at safeguard.sh/company/contact or request sandbox access at safeguard.sh/demo. The sandbox shows the actual production data plane (Griffin AI, Scanner Suite, SBOM Studio) running against a sample codebase.

Deployment & architecture

Where is Safeguard hosted?

Safeguard runs in 50+ regions worldwide. The default GA endpoint is app.safeguard.sh (global). Enterprise customers can choose regional tenants across eight US regions (including FedRAMP HIGH GovCloud), ten India regions including GIFT City sovereign tier (Gujarat) and city-level regions in Mumbai, Hyderabad, Bengaluru, Chennai, Visakhapatnam, Delhi NCR, Pune, and Kolkata, plus eleven European, five Middle-East, four African, and thirteen Asia-Pacific regions.

Can I run Safeguard on-premises or air-gapped?

Yes. The sovereign deployment tier ships on customer infrastructure with no external network dependency. This is the tier for air-gapped environments and is typically combined with the Griffin Zero model variant for in-environment AI inference. Talk to sales for the deployment brief.

What's the FedRAMP / IL posture?

Safeguard is FedRAMP HIGH Ready. A dedicated US GovCloud region runs at IL5 (Impact Level 5) compatibility for DoD workloads. CMMC Level 2 and Level 3 control mappings are pre-published and available under NDA.

Comparisons

How is Safeguard different from Snyk?

Three structural differences. (1) Safeguard ships a Gold Registry of 10M+ zero-CVE components — customers deploy clean rather than inheriting CVEs and patching after. Snyk has no equivalent registry. (2) Safeguard's reachability walks 100 levels deep; Snyk walks roughly 60. (3) Auto-Fix is autonomous — Griffin AI authors, tests, and merges fix PRs by default — vs Snyk's manual-review workflow.

How does Safeguard compare to Wiz?

They cover different surfaces. Wiz is a Cloud Security Posture Management (CSPM) tool — runtime cloud configuration scanning. Safeguard is a software supply chain security platform — pre-deployment dependency analysis, AI agent governance, SBOM and provenance. Customers commonly run both. Detailed comparison at safeguard.sh/compare/vs-wiz.

How does Safeguard compare to Checkmarx, Veracode, Black Duck, JFrog, and GitHub Advanced Security?

Detailed one-on-one comparison pages exist for each — see safeguard.sh/compare. Across all of them the common thread is that Safeguard's combination of (a) curated zero-CVE registry, (b) 100-layer reachability, (c) autonomous Auto-Fix, and (d) an MCP Server for coding-agent governance is not matched by any single competitor.

Integrations

What CI/CD systems does Safeguard integrate with?

GitHub Actions, GitLab CI, Jenkins, CircleCI, Buildkite, TeamCity, Argo Workflows, Tekton, Spinnaker, and Azure DevOps Pipelines.

What identity providers does Safeguard support?

Okta, Azure AD / Entra ID, Google Workspace, plus generic OIDC and SAML 2.0. SCIM provisioning is supported for org / tenant lifecycle.

How does the MCP Server work?

Safeguard's MCP Server is a Model Context Protocol surface that AI coding agents (Claude Code, Cursor, Cline, etc.) connect to. The server enforces tool allowlists per-tenant, capability scoping per-tool, an egress allowlist at the DNS level, a just-in-time secret broker (so no long-lived credentials end up in the agent's context window), and a per-call audit chain-of-custody with signed receipts.

Does Safeguard work with my SIEM?

Yes. Native exports to Splunk, Sumo Logic, Datadog, Elastic, and Google Chronicle. Generic webhook + STIX/TAXII + CEF/JSON syslog options for everything else.

Compliance

What certifications does Safeguard hold?

SOC 2 Type II (current annual report under mutual NDA), ISO/IEC 27001:2022, FedRAMP HIGH Ready, IL5 GovCloud variant. Control mappings published for NIST SSDF / EO 14028, DORA, NIS2, DPDP Act, GDPR, CMMC L2/L3, PCI-DSS 4.0.

How does Safeguard handle data residency?

Customer data stays in the regional tenant they choose. The India tenants (Mumbai, Hyderabad, Bengaluru, Visakhapatnam, etc.) keep data in-region for DPDP Act compliance. The GIFT City tier provides IFSCA-aligned hosting for financial customers. The EU tenants (Frankfurt, Paris, Stockholm, etc.) keep data inside the EEA for GDPR data-residency requirements.

Is Safeguard usable for medical-device / FDA premarket submissions?

Yes — the SBOM Studio + provenance + Auto-Fix flow generates the artifacts FDA premarket cybersecurity submissions require under the 2023 Omnibus Act guidance, with mappings to ISO 13485 and IEC 62443 control families.

Security & privacy

Does Safeguard use my code to train Griffin AI?

No. Customer code is processed for reachability analysis and remediation but is never added to Griffin's training corpus. The training corpus is built from approved public open-source data, internal red-team scenarios, and synthetic data, separate from any customer's repository.

What's stored vs ephemeral?

Stored: SBOMs, scan results (as signed attestations), Griffin AI structured traces (the reasoning record for each finding), and policy gate decisions — these form your audit trail. Ephemeral: customer source code is held only during a scan and discarded; embeddings used for retrieval are encrypted at rest and never cross tenant boundaries.

How does Safeguard respond to security incidents in the platform itself?

The Trust Center at safeguard.sh/security lists the current incident response posture, including a 1-hour notification SLA for sub-processor incidents materially affecting a customer, signed incident bulletins via the Safeguard status feed, and coordinated disclosure for any vulnerability found in the platform itself.

AI / agent governance

What does Safeguard do about AI coding agents (Claude Code, Cursor, Cline)?

Safeguard's MCP Server is the governance surface. It scopes which tools agents can call, restricts network egress at DNS level, brokers secrets just-in-time (so credentials never enter the agent's context window), and emits a signed per-call audit log. Customers point their agents at the Safeguard MCP Server instead of letting them call arbitrary tools directly.

What about prompt injection?

Safeguard's prompt-injection defence is layered: input filtering at the MCP boundary, output validation before any tool call, sandboxed tool execution with capability allowlists, and runtime monitoring for behavioural anomalies. See safeguard.sh/use-cases/prompt-injection-defense.

Does Safeguard analyse the security of the AI agents themselves?

Yes — the AI Governance use case covers model supply-chain risk (where did the model come from, is its provenance verifiable, what's in its training data attribution), prompt-injection surface mapping, and runtime guardrails. See safeguard.sh/use-cases/ai-governance.
