Safeguard
Topic

AI Security

In-depth guides and analysis on ai security from the Safeguard engineering team.

676 articles

AI Security

Keeping secrets out of agent context windows: brokers, scoped tokens, and redaction

Every secret that touches an agent's context window is a secret the agent can leak. Just-in-time credential brokers, scoped-token issuance, and redaction layers keep the surface small without breaking the agent's ability to do real work.

May 15, 20268 min read
AI Security

Network egress controls for autonomous agent runtimes

Autonomous agents need network access to do useful work, and that access is exactly what attackers exploit when they trick an agent into exfiltrating data. Here is how to design egress controls that hold up under adversarial pressure.

May 14, 20268 min read
AI Security

ISO 42001 and AI Management Systems for Security Teams

ISO 42001 makes AI governance auditable and certifiable. Here's what security teams need to build an AIMS, where Endor Labs' AI code-risk scoring falls short, and how Safeguard closes the gap.

May 14, 20267 min read
AI Security

Prompt Injection Techniques and the Defenses That Actually Work

Prompt injection techniques range from direct override attempts to indirect payloads hidden in retrieved documents; here's what actually stops them.

May 14, 20266 min read
AI Security

AI Coding Agent Governance: Securing Copilot, Cursor, and...

How to govern Copilot, Cursor, and Claude Code with provenance tracking and permission scoping — beyond after-the-fact SCA scanning of agent-written code.

May 14, 20267 min read
AI Security

Securing MCP Servers and Agent Skills in the Enterprise

MCP servers and agent skills give AI agents new power—and new attack surface. Here's how tool poisoning and rug-pull attacks work, and how to stop them.

May 14, 20267 min read
AI Security

Detecting shadow MCP servers in developer environments

Unauthorized MCP servers running on developer laptops are the agent-era equivalent of shadow IT. Here is how to inventory them, see them at runtime, and bring them under policy.

May 13, 20268 min read
AI Security

NIST SP 800-218A: Operationalizing AI Secure Development in 2026

NIST SP 800-218A turned the SSDF into an AI community profile in July 2024. Eighteen months later, what does real adoption look like for AI software teams?

May 13, 20267 min read
AI Security

Defending LLM agents against confused-deputy attacks on their tool privileges

An LLM agent with tools is a deputy that holds privileges its users do not. Attackers exploit that gap by tricking the agent into using those privileges on their behalf — here is how to design defenses that hold up.

May 13, 20268 min read
AI Security

The Fake OpenAI 'privacy-filter' Model: How a Typosquat Hit #1 on Hugging Face in May 2026

A repository named Open-OSS/privacy-filter impersonated OpenAI's release, copied its model card verbatim, and shipped a loader.py that pulled an infostealer. It reached #1 trending with ~244,000 downloads before removal.

May 12, 202610 min read
AI Security

Ollama CVE-2026-7482 'Bleeding Llama': Out-of-Bounds Read

Cyera disclosed Bleeding Llama in May 2026: a heap out-of-bounds read in Ollama's GGUF loader leaking process memory. We dissect the bug and the exposure across 300,000 Ollama deployments.

May 12, 20267 min read
AI Security

Prompt-injection vectors specific to MCP servers and how to layer defenses

MCP servers expose three distinct prompt-injection surfaces — resource contents, tool outputs, and sampling requests — and each one needs its own defense layer. Here is how to think about them together.

May 12, 20268 min read
AI Security (Page 14) — Supply Chain Security Blog | Safeguard