AI Security
In-depth guides and analysis on ai security from the Safeguard engineering team.
676 articles
Support Model: Griffin AI vs Mythos
Support tier comparisons look identical on paper. The real difference shows up at 2am during an incident, and the shape of that difference is worth understanding before signing.
Cursor Enterprise Security Buyer Review 2026
An honest security buyer's review of Cursor Enterprise for 2026: data handling, model isolation, audit posture, and the gaps to negotiate before signing.
Fine-Tune Backdoors: The Quiet Threat
Fine-tuning a model on an attacker-controlled dataset can implant behaviour that only activates under specific conditions. The threat is quiet because detection is hard.
Rollback Safety: Griffin AI vs Mythos
Sometimes a remediation has to be reverted. Griffin AI's minimal, grounded patches roll back cleanly; Mythos-class patches often do not.
Zero-Day Discovery Economics: Cost Per Find
The economics of zero-day discovery have been opaque for too long. Here is the actual cost structure of finding a real, defensible bug, and how to think about it.
AI Agent Blast Radius Management
Every agent in production has a blast radius. Most teams have not measured theirs. Here is how to measure it and how to bring it under control.
AI-BOM Becoming Mandatory: Regulatory Trend
AI bills of materials moved from voluntary best practice to regulatory requirement in 2026. Multiple jurisdictions now require disclosure of model, data, and component lineage for high-impact AI systems.
CMMC Pass-Through: Griffin AI vs Mythos
CMMC 2.0 rollout has made flow-down expectations concrete. AI-for-security tools used by DIB contractors are in scope, and the pass-through story matters.
Transitive Depth: Griffin AI vs Mythos
Most scanners stop at five or six levels of transitive depth. Real production graphs run sixty levels deep, and the most interesting vulnerabilities live in the long tail.
Training Data Provenance: Griffin AI vs Mythos
Training data is a supply chain component. Knowing what went into a model is the precondition for knowing what could come out of it. Few tools track this; the few that do matter disproportionately.
Remediation Prioritisation With Reachability And EPSS
CVSS alone is a bad prioritisation signal in 2026. Reachability plus EPSS gives teams a defensible order to fix the vulnerabilities that actually matter.
Cost Per Finding: Griffin AI vs Mythos
Token spend per scan is the wrong metric. Cost per actionable finding is the right one — and it's where engine-plus-LLM economics dominate pure-LLM economics.