AI Security
In-depth guides and analysis on ai security from the Safeguard engineering team.
676 articles
Glossary of AI Trust, Risk, and Security Management (AI T...
A glossary of AI trust risk security management concepts: the Gartner AI TRiSM framework, its four pillars, AI risk taxonomy, and adversarial threats.
How to build an AI-specific incident response playbook
A step-by-step guide to building an AI incident response plan — covering scoping, escalation, detection, containment, and post-incident review for LLM and agent failures.
CoSAI Releases Model Signing and Incident Response Frameworks
The Coalition for Secure AI published two operational frameworks in November 2025: Signing ML Artifacts and AI Incident Response. We unpack what each contains and how to adopt them.
Prompt Injection Detection in Retrieval Systems
Indirect prompt injection arrives through your retrieval corpus, not your chat box. We cover the detection strategies that survive when attackers write your RAG content.
Claude Opus 4.5 System Card: Defender Takeaways
Anthropic released Claude Opus 4.5 on November 24, 2025 with the most detailed safety section of any system card to date. We pull out what enterprise defenders should change.
vLLM CVE-2025-62164: Tensor Deserialization RCE
vLLM 0.10.2-0.11.0 deserialized user-supplied PyTorch tensors via torch.load() in the Completions API. Memory corruption, potential RCE.
AI Model Watermarking and Provenance
Watermarking and provenance are the two most confused terms in AI security. A practical breakdown of what each actually does, where the 2025 techniques break, and what to ship in the meantime.
vLLM CVE-2025-66448: Auto-Map RCE via Model Configs
A critical RCE in vLLM allows malicious model configs to bypass trust_remote_code=False. We analyze the bug, the patch, and what every vLLM operator should do.
Anthropic's Responsible Scaling Policy v3: What Changed
RSP v3.0 takes effect February 24, 2026. It splits the AI R&D threshold, adds a CBRN-development tier, and formalizes Risk Reports.
Gemini 3 Pro and the Frontier Safety Framework Report
Google released Gemini 3 Pro on November 18, 2025 with the most thorough Frontier Safety Framework evaluation yet. We unpack what was disclosed and how it changes downstream defender posture.
ShadowMQ: 30+ RCE Flaws Across AI Inference Engines
Oligo Security disclosed ShadowMQ in November 2025: ZeroMQ-and-pickle deserialization patterns copy-pasted across vLLM, Meta Llama, TensorRT-LLM, and others. We dissect the pattern.
Training Data Provenance for Enterprise Fine-Tuning
Fine-tuning corpora are supply chain artifacts. We cover the provenance signals, attestations, and drift controls enterprises need before pushing weights to prod.