AI Security
In-depth guides and analysis on ai security from the Safeguard engineering team.
676 articles
Prompt Injection as a Supply Chain Risk in 2026
Prompt injection stopped being an LLM curiosity the moment agents started committing code. It is now a software supply chain risk and should be modeled as one.
AI Cybersecurity Glossary: Key Machine Learning & Security Terms
A defender's glossary of AI security terms — prompt injection, model poisoning, AI-BOM, adversarial ML — with dated, real-world incidents behind each one.
What is Navigating AI for Source Code Analysis
AI source code analysis pairs LLMs with static analysis to cut false positives and speed triage -- but reachability data still decides what's real.
Instruction/Data Conflation: Why Prompt Injection Persists
Prompt injection is not a vulnerability that will be patched. It is what happens when a system cannot distinguish the instructions it is supposed to follow from the data it is supposed to process.
Griffin AI vs Gemini Code Assist: Security
Gemini Code Assist makes developers faster. But faster is not safer. Here's how Griffin AI layers a security engine onto the same developer workflow.
SPDX Coverage: Griffin AI vs Mythos
SPDX is the format auditors ask for, the format regulators reference, and the format most enterprise procurement teams standardize on. Griffin AI treats it as a first-class graph. Mythos-class tools treat it as a long document.
MCP Ecosystem Maturation: Where It's Going
The Model Context Protocol went from a single-vendor proposal to a multi-implementation standard in under eighteen months. The security implications are still being worked out in public.
FedRAMP HIGH Posture: Griffin AI vs Mythos
FedRAMP HIGH demands 421 controls with documented, continuous evidence. Griffin AI produces control-mapped records every day. Mythos-class pure-LLM tools cannot fill a 3PAO evidence package.
Taint Propagation: Griffin AI vs Mythos Approaches
Taint tells you whether attacker data actually reaches a sink. Griffin AI propagates it; Mythos-class tools infer it. The difference shows up fast.
MCP Server Discovery Protocol Security
MCP server discovery turns a client connection string into a live capability graph. The protocol mechanics that make this convenient also widen the blast radius when discovery is spoofed, tampered with, or silently reshaped mid-session.
Artificial Intelligence and Cyber Security: Risks and Benefits
A balanced look at what artificial intelligence and cyber security actually means in practice today, the concrete benefits teams are seeing and the new risks AI introduces into the same systems.
Hugging Face Pickle Backdoor Research 2025
Pickle-serialized model files remain a live attack surface on Hugging Face. Here is what 2025 research disclosed about persistent backdoors and what defenders should do about it.