Safeguard
Topic

AI Security

In-depth guides and analysis on ai security from the Safeguard engineering team.

676 articles

AI Security

Governing MCP tools with per-tenant feature flags

Safeguard's MCP server exposes 650+ tools. Here's how per-tool feature flags keep each tenant scoped to exactly what it needs — with safe defaults and a fail-safe that narrows, never widens, on error.

Jul 6, 20263 min read
AI Security

Securing AI Coding Assistants: Guardrails That Hold

AI coding assistants are in nearly every IDE now. Banning them fails; trusting them blindly fails harder. The middle path is guardrails — technical controls that let assistants move fast without letting them ship the wrong thing.

Jul 5, 20265 min read
AI Security

The LLM Application Security Checklist (2026)

You are shipping an LLM feature. Before it goes live, walk this checklist — organized around the OWASP Top 10 for LLM Applications — to catch the risks that matter most in production.

Jul 4, 20265 min read
AI Security

Securing Hugging Face Models: A Practical Safety Guide

Hugging Face is the npm of machine learning, and it inherits npm's problems. Malicious weights, pickle payloads, and leaked Space secrets are all live risks — here is how to pull models safely.

Jul 4, 20265 min read
AI Security

AI Code Review and Security: Reviewer, Reviewed, or Both?

AI can review pull requests and AI can write them — sometimes in the same workflow. Both roles carry security implications teams routinely underestimate. Here is how to get the benefit without the blind spots.

Jul 4, 20266 min read
AI Security

AI Data Poisoning Defense: Protecting Models from Tainted Data

You do not need to corrupt most of a training set to backdoor a model — recent research suggests a small, near-constant number of poisoned documents can be enough. Defense starts with treating data as a dependency.

Jul 4, 20265 min read
AI Security

LLM Jailbreak Prevention: A Defense-in-Depth Playbook

A jailbreak is not the same thing as a prompt injection, and conflating them leads to defenses that miss. Here is how modern jailbreaks actually work and the layered controls that hold the line.

Jul 3, 20265 min read
AI Security

Prompt Injection Prevention: A Defense-in-Depth Guide

Prompt injection is the top risk on the OWASP list for LLM applications for a reason: there is no single patch. Preventing it means layering controls around a model that cannot reliably tell instructions from data.

Jul 3, 20266 min read
AI Security

AI Model Supply Chain Attacks: How Weights Become Malware

You would never run an unknown binary from a stranger, but teams pull unknown model weights off public hubs every day. Loading them can be code execution — and that is only the most obvious link in the chain.

Jul 2, 20265 min read
AI Security

What Is Agentic Development Security?

When an AI agent can read your repo, run commands, open pull requests, and call external tools on its own, the security model shifts from reviewing code to governing an actor. Here is what agentic development security means and why it is different.

Jul 2, 20266 min read
AI Security

MCP Server Security: 8 Best Practices for 2026

The Model Context Protocol connects AI agents to your tools and data. That power cuts both ways. Here are eight concrete practices for running MCP servers without handing attackers a remote control.

Jul 2, 20265 min read
AI Security

Securing Vector Databases: The Overlooked Attack Surface in AI Apps

Vector databases became critical infrastructure the moment RAG went mainstream, but most are deployed with the security posture of a cache. Embeddings leak, indexes get poisoned, and tenants bleed into each other.

Jul 2, 20265 min read
AI Security (Page 7) — Supply Chain Security Blog | Safeguard