AI Security
In-depth guides and analysis on ai security from the Safeguard engineering team.
676 articles
Governing MCP tools with per-tenant feature flags
Safeguard's MCP server exposes 650+ tools. Here's how per-tool feature flags keep each tenant scoped to exactly what it needs — with safe defaults and a fail-safe that narrows, never widens, on error.
Securing AI Coding Assistants: Guardrails That Hold
AI coding assistants are in nearly every IDE now. Banning them fails; trusting them blindly fails harder. The middle path is guardrails — technical controls that let assistants move fast without letting them ship the wrong thing.
The LLM Application Security Checklist (2026)
You are shipping an LLM feature. Before it goes live, walk this checklist — organized around the OWASP Top 10 for LLM Applications — to catch the risks that matter most in production.
Securing Hugging Face Models: A Practical Safety Guide
Hugging Face is the npm of machine learning, and it inherits npm's problems. Malicious weights, pickle payloads, and leaked Space secrets are all live risks — here is how to pull models safely.
AI Code Review and Security: Reviewer, Reviewed, or Both?
AI can review pull requests and AI can write them — sometimes in the same workflow. Both roles carry security implications teams routinely underestimate. Here is how to get the benefit without the blind spots.
AI Data Poisoning Defense: Protecting Models from Tainted Data
You do not need to corrupt most of a training set to backdoor a model — recent research suggests a small, near-constant number of poisoned documents can be enough. Defense starts with treating data as a dependency.
LLM Jailbreak Prevention: A Defense-in-Depth Playbook
A jailbreak is not the same thing as a prompt injection, and conflating them leads to defenses that miss. Here is how modern jailbreaks actually work and the layered controls that hold the line.
Prompt Injection Prevention: A Defense-in-Depth Guide
Prompt injection is the top risk on the OWASP list for LLM applications for a reason: there is no single patch. Preventing it means layering controls around a model that cannot reliably tell instructions from data.
AI Model Supply Chain Attacks: How Weights Become Malware
You would never run an unknown binary from a stranger, but teams pull unknown model weights off public hubs every day. Loading them can be code execution — and that is only the most obvious link in the chain.
What Is Agentic Development Security?
When an AI agent can read your repo, run commands, open pull requests, and call external tools on its own, the security model shifts from reviewing code to governing an actor. Here is what agentic development security means and why it is different.
MCP Server Security: 8 Best Practices for 2026
The Model Context Protocol connects AI agents to your tools and data. That power cuts both ways. Here are eight concrete practices for running MCP servers without handing attackers a remote control.
Securing Vector Databases: The Overlooked Attack Surface in AI Apps
Vector databases became critical infrastructure the moment RAG went mainstream, but most are deployed with the security posture of a cache. Embeddings leak, indexes get poisoned, and tenants bleed into each other.