Safeguard
Topic

AI Security

In-depth guides and analysis on ai security from the Safeguard engineering team.

678 articles

AI Security

What is Training Data Poisoning

Training data poisoning corrupts an ML model's training data to plant hidden backdoors. Learn how it works, real incidents, and how to detect it.

Mar 2, 20266 min read
AI Security

Slopsquatting (AI package hallucination attack)

Slopsquatting exploits AI coding assistants that hallucinate nonexistent package names, which attackers then register as real, malicious packages.

Mar 2, 20266 min read
AI Security

What is a Model Inversion Attack

Model inversion attacks reconstruct sensitive training data from a model's outputs. Learn how they work, real cases, and how to defend your ML APIs.

Mar 2, 20267 min read
AI Security

What is Adversarial Machine Learning

Adversarial machine learning exploits model decision boundaries via evasion, poisoning, extraction, and inference attacks -- here's how it works and how to defend against it.

Mar 2, 20266 min read
AI Security

What is Insecure Output Handling in LLMs

Insecure output handling lets LLM-generated text execute code, alter queries, or render unsanitized HTML — a real, exploitable OWASP LLM05:2025 risk.

Mar 2, 20267 min read
AI Security

MCP Server Inventory: Griffin AI vs Mythos

MCP servers are privileged dependencies. An inventory that tracks them like SBOM tracks packages is the minimum bar — and not every tool meets it.

Mar 1, 20265 min read
AI Security

Zero-Day Discovery ROI: CISO Board Deck

How to talk to your board about zero-day discovery without overpromising. The metrics, the framing, and the slides that hold up under follow-up questions.

Mar 1, 20267 min read
AI Security

What is Sensitive Information Disclosure in LLMs

LLM sensitive information disclosure leaks training data, prompts, and secrets through model outputs. Real incidents, causes, and defenses explained.

Mar 1, 20266 min read
AI Security

What is AI Governance

AI governance means the policies and technical controls that keep AI models, data, and agents safe, compliant, and auditable across your software supply chain.

Mar 1, 20267 min read
AI Security

What is RAG (Retrieval-Augmented Generation) Security

RAG pipelines blend retrieved data with model instructions, creating prompt injection, poisoning, and embedding-leak risks traditional AppSec tools miss.

Mar 1, 20267 min read
AI Security

GenAI Coding Agent Privilege Escalation

Autonomous coding agents can escalate privilege in subtle ways that traditional threat models miss. A breakdown of the common escalation paths and how to constrain them.

Feb 28, 20267 min read
AI Security

Griffin AI vs GitHub Copilot for Vulnerability Fixing

GitHub Copilot suggests fixes. Griffin AI generates fix PRs with taint paths and disproof attached. The difference is review burden.

Feb 28, 20262 min read
AI Security (Page 29) — Supply Chain Security Blog | Safeguard