Safeguard
Topic

AI Security

In-depth guides and analysis on ai security from the Safeguard engineering team.

676 articles

AI Security

Agentic Procurement: Letting AI Agents Buy Software Safely

Agents can now evaluate, trial, and pay for software without a human in the loop. The controls that make that safe: spend caps, allowlists, verifiable merchants, and audit trails.

Apr 4, 20266 min read
AI Security

Breaking-Change-Aware Remediation In 2026

Most fix PRs fail because they ignore breaking changes in the patched version. Here is how breaking-change-aware remediation closes vulns without regressions.

Apr 3, 20267 min read
AI Security

MCP Server Telemetry Data Governance

MCP server telemetry captures sensitive prompts, arguments, and outputs. A governance framework for retention, redaction, and tenant-scoped access is essential.

Apr 2, 20267 min read
AI Security

How DevOps Teams Actually Use AI Today

How can a DevOps team take advantage of artificial intelligence without adding risk? Mostly by pointing it at toil — log triage, test generation, and incident summarization — not by handing it the keys to production.

Apr 2, 20265 min read
AI Security

Safeguard Griffin AI: Eval Benchmarks Published

Griffin AI's evaluation harness results published for the first time. Benchmark methodology, comparison against baselines, and what the numbers mean for production use.

Apr 1, 20266 min read
AI Security

OpenAI API Key Leakage on GitHub at Scale

A senior engineer's view of OpenAI API key leakage on GitHub at scale, why automated secret scanning misses so many, and what actually stops the bleeding.

Apr 1, 20267 min read
AI Security

Responsible Disclosure For Discovered Zero-Days

When your pipeline starts producing zero-days, you inherit responsible disclosure obligations. Here is how to do it well, with the artefacts the pipeline already gives you.

Mar 31, 20267 min read
AI Security

AI Coding Assistant Data Leak Incidents Trend

AI coding assistants are now standard developer tooling. The incident data from 2025 and early 2026 shows a recurring pattern of source code, credential, and customer data leaking through them.

Mar 30, 20267 min read
AI Security

Tool-Call Audit: The Missing AI Observability Layer

Most AI observability stacks log prompts and completions. The actual security signal is in the tool calls. Here is how to capture it.

Mar 30, 20267 min read
AI Security

Transitive Dependency Fix Cascades, Managed

Fixing a transitive dependency is rarely a single bump. It is a cascade. Here is how to manage those cascades without flooding reviewers or breaking builds.

Mar 29, 20267 min read
AI Security

Scaling Across Repos: Griffin AI vs Mythos

Multi-repo security reasoning is a graph problem, not a retrieval problem. How Griffin AI's engine scales where pure-LLM products flatten into guesswork.

Mar 28, 20266 min read
AI Security

MCP Server Lifecycle Management Patterns

Patterns for managing MCP servers through development, staging, rollout, and deprecation — with an eye on the security gaps that appear at each transition.

Mar 28, 20268 min read
AI Security (Page 19) — Supply Chain Security Blog | Safeguard