Safeguard
Topic

AI Security

In-depth guides and analysis on ai security from the Safeguard engineering team.

676 articles

AI Security

Agentic AI Budget Explosions And Cost Controls

Agent runaway is no longer a theoretical risk — it is a line item on quarterly variance reports. The 2026 trend in agentic AI is less about model capability and more about who pays when an agent loops.

Apr 8, 20267 min read
AI Security

Enterprise MCP Registry Onboarding Process

A repeatable onboarding flow for adding MCP servers to an enterprise registry without becoming the team that says no to everything.

Apr 8, 20267 min read
AI Security

LLM Traces and Evals: The Missing Layer in AI Supply Chain Security

Prompt traces and offline evals are standard hygiene for ML teams, but almost nobody treats them as supply chain telemetry. They should be. Here's how traces and evals plug into SBOM and reachability as a fourth security signal.

Apr 8, 20267 min read
AI Security

Docker + MCP: Running MCP Servers in Containers Securely

MCP servers run with your credentials and your filesystem unless you say otherwise. Containerizing them with read-only mounts, dropped capabilities, and egress controls turns an open-ended trust grant into a bounded one.

Apr 8, 20266 min read
AI Security

Human Review Gate For AI-Generated Fix PRs

AI-authored fix PRs are only safe when there is a deliberate human review gate in front of them. Here is how to build one that is fast and trustworthy.

Apr 7, 20268 min read
AI Security

AI Cybersecurity Threats: The 2026 Landscape

AI has made the median attacker faster and the median phish flawless, while LLM-powered apps opened a new bug class entirely. What actually changed, and what still works.

Apr 7, 20265 min read
AI Security

AI cybersecurity hub (AI-driven threat detection)

Prisma Cloud's AI-driven detection watches runtime behavior, but AI in cybersecurity still misses supply chain attacks like XZ Utils. Provenance matters more.

Apr 7, 20267 min read
AI Security

From CVE To Zero-Day: The Pipeline Flip

Most security pipelines are organised around CVEs that already exist. Here is what changes when you flip the pipeline to surface zero-days first instead.

Apr 5, 20267 min read
AI Security

Prompt Injection in RAG: Indirect Attacks

A senior engineer's breakdown of indirect prompt injection in RAG pipelines, how real attacks land through retrieved content, and what actually reduces exposure.

Apr 5, 20267 min read
AI Security

Real-World Deployment: Griffin AI vs Mythos

Demos live on a single repo and a curated dataset. Real deployments hit fifty repos, three CI providers, two cloud accounts, and an air-gapped environment. The gap is where vendors get sorted.

Apr 4, 20265 min read
AI Security

MCP Vulnerability Disclosure Trends In 2026

MCP servers went from a niche protocol to standard agent infrastructure in under two years. The vulnerability disclosure landscape is catching up — fast, messily, and with patterns worth tracking.

Apr 4, 20267 min read
AI Security

Scoped Credentials Per MCP Server: A Pattern

Long-lived shared tokens are the wrong unit of trust for MCP servers. Here is the per-server scoped-credential pattern and how to roll it out.

Apr 4, 20267 min read
AI Security (Page 18) — Supply Chain Security Blog | Safeguard