AI Security
In-depth guides and analysis on ai security from the Safeguard engineering team.
676 articles
Fine-Tune Backdoor Insertion: Academic Research
A senior engineer's review of academic research on fine-tune backdoor insertion, from BadNets to sleeper agents, and how the findings translate to production ML.
AI Cybersecurity Companies and Vendors: The Landscape
AI cybersecurity companies split into three distinct groups doing very different work, and confusing them is the fastest way to buy the wrong tool.
Engine-Plus-LLM vs Pure-LLM Bug Hunters
The difference between an engine-plus-LLM bug hunter and a pure-LLM one is not a tuning detail. It is a structural divide that determines whether the findings are usable.
Prompt Injection in CI/CD Pipelines: Attack Paths and Defenses
When LLMs review PRs, triage issues, and fix builds, every commit message becomes attacker input. The concrete attack paths through GitHub Actions and what blocks them.
MCP Server Sandbox Escapes: Threat Model
A threat model for sandbox escapes in Model Context Protocol servers, mapping attack surfaces from tool execution environments to host processes and shared state.
Model Substitution Attacks: An Emerging Pattern
An attacker who can swap the model behind an API call can read every prompt and shape every response. The emerging trend in 2026 is model substitution as an attack class with its own techniques and disclosures.
Out-Of-Band Confirmation For Irreversible Tool Calls
Some tool calls cannot be undone. Out-of-band confirmation is the cheapest defense for that small set, and the most expensive thing to skip.
Reachability vs Pure-LLM Vulnerability Scanning In 2026
Pure-LLM vulnerability scanners hit production around 2024. By 2026 their failure modes are documented. Reachability remains the backbone — and the LLM is most useful on top of it.
Training Data Poisoning: Pipeline Defenses
A senior engineer's guide to training data poisoning defenses in 2026, from split-learning detection to provenance attestation and continuous pipeline monitoring.
From Finding To Merged Fix In An Hour
A one-hour cycle from vulnerability finding to merged fix is achievable in 2026, but only with a pipeline designed for it. Here is what that pipeline looks like.
Tool-Call Hijacking: Griffin AI vs Mythos
A hijacked tool call is more consequential than a hijacked response. The defence requires the tool layer to police the model, not the other way around.
Griffin AI vs Sourcegraph Cody for Security Use
Cody's codebase-wide context is valuable for security review. Griffin AI adds reachability, taint, and policy grounding that Cody doesn't target.