AI Security
In-depth guides and analysis on ai security from the Safeguard engineering team.
678 articles
AI-Based Security: What the Label Actually Means on a Product Page
AI-based security is used to describe everything from a genuinely trained detection model to a marketing rewrite of a rules engine. Here's how to tell what you're actually buying.
Direct vs Indirect Prompt Injection
Direct and indirect prompt injection are different attack vectors with different blast radii. Real 2025 CVEs like EchoLeak show why the distinction matters.
What is LLM Jailbreaking
LLM jailbreaking bypasses AI safety guardrails through techniques like DAN prompts, Crescendo, and Skeleton Key — here's how it works and how to defend against it.
What is AI Model Supply Chain Security
Model weights are executable artifacts, not data. Here's how AI model supply chain attacks work, from pickle exploits to weight tampering, and how to stop them.
RAG Poisoning In The Wild: Trend Watch
Retrieval-augmented generation was the 2024 success story. 2026 is when RAG poisoning moved from research to production incidents.
Transitive Fix Cascades: Griffin AI vs Mythos
A vulnerable transitive dependency may require upgrading an ancestor. Griffin AI computes the cascade; Mythos-class tools often stop at the first level.
What is Model Context Protocol (MCP) Security
MCP security explained: how tool poisoning, rug pulls, and 2025's critical CVEs (mcp-remote, MCP Inspector) put AI agents at risk—and how to defend against them.
What is AI Agent Security
AI agent security explained: how autonomous AI agents get attacked through prompt injection, tool poisoning, and exposed MCP servers, and how to stop it.
Risks of AI-Generated Code
AI coding assistants now write nearly half of some codebases—and research shows 45% of that code ships with exploitable flaws. Here's what security teams need to know.
What is Vibe Coding (and Its Security Risks)
Vibe coding lets AI write entire apps from a prompt with little human review — here's what it is, real incidents it's caused, and how to detect the risk.
EU AI Act Alignment: Griffin AI vs Mythos
EU AI Act enforcement began in 2026. Vendors sold as "AI security tools" are now high-risk systems with documentation obligations. The shape of the documentation matters.
Version-Aware Resolution: Griffin AI vs Mythos
A vulnerability in version 1.2.0 may not affect your 1.3.5 install if the fix reshaped the call signature. Version-aware resolution is where deterministic engines beat pure-LLM heuristics.