Safeguard
Topic

AI Security

In-depth guides and analysis on ai security from the Safeguard engineering team.

676 articles

AI Security

AI Security Software: A Buyer's Guide for 2026

The label 'AI security software' now covers two different markets — tools that secure AI systems, and security tools powered by AI. How to tell them apart, what to evaluate, and the questions that expose thin products.

Jul 2, 20266 min read
AI Security

How Copilot Autofix generates AI-powered vulnerability fi...

Copilot Autofix pairs CodeQL with an LLM to patch code-scanning alerts up to 3x faster. Here's how it works, its limits, and where supply chain risk still slips through.

Jul 2, 20267 min read
AI Security

AI Agent Tool-Use Security: Locking Down What Agents Can Do

The moment you give an LLM tools, it stops being a chatbot and becomes an actor in your systems. Tool-use security is about making sure a compromised agent hits a wall instead of a credential.

Jul 1, 20266 min read
AI Security

RAG Security Best Practices for 2026

Retrieval-augmented generation wired an untrusted-content pipeline straight into your model's context window. Here are the practices that keep a poisoned document or a leaked chunk from becoming an incident.

Jul 1, 20266 min read
AI Security

Securing AI-Generated Code: A Practical 2026 Guide

AI now writes a large share of the code shipping to production, and it reproduces the same insecure patterns humans do — at machine speed. Here is how to keep AI-authored code from becoming your next incident.

Jul 1, 20266 min read
AI Security

Daybreak vs. Mythos: 2026 Is the Year the Frontier Labs Entered Defensive Security

OpenAI's Daybreak and Anthropic's Mythos both bet that frontier models can find and fix vulnerabilities at scale. The discovery race is real — but the bottleneck, the cost curve, and the winning strategy all point the same direction: be model-agnostic.

Jun 24, 20266 min read
AI Security

Patch the Planet: What AI-Generated Fixes Actually Mean for Open-Source Maintainers

OpenAI's Patch the Planet, co-founded with Trail of Bits, wants to move widely-used open-source projects from findings to fixes. The ambition is right — but it shifts the bottleneck to maintainer review, patch provenance, and the trust of machine-authored code.

Jun 24, 20266 min read
AI Security

OpenAI's Daybreak: An Honest Assessment of Codex Security, GPT-5.5-Cyber, and the Find-Validate-Patch Loop

Daybreak is the most complete attempt yet to turn a frontier model into a vulnerability-finding-and-fixing system. We break down what it gets right, where the verification and economics still bite, and how it fits alongside a purpose-built engine.

Jun 24, 20267 min read
AI Security

Securing AI coding assistants (Claude Code, Copilot, etc.)

AI coding assistants like Claude Code and Copilot introduce new supply chain risks. Here's what's actually going wrong and how to secure your pipeline.

Jun 24, 20267 min read
AI Security

Prompt Injection Examples: Attacks Seen in the Wild

From hidden text in resumes to poisoned web pages that hijack AI browsing agents, prompt injection has moved from research demos to real incidents. Here are the patterns and what actually blunts them.

Jun 24, 20266 min read
AI Security

GPT-5.5-Cyber and Trusted Access: The Dual-Use Governance Questions Defenders Should Be Asking

OpenAI's Daybreak ships a permissive, offensive-capable model behind a tiered Trusted Access program and a wave of government partnerships. Here's what model-risk, procurement, and security-policy teams should demand before they rely on it.

Jun 23, 20266 min read
AI Security

Agentic AI Security: Why Architecture Beats Model Size in Vulnerability Discovery

The CyberGym leaderboard shows the lead in AI vulnerability discovery moving to multi-agent orchestration, not raw model scale. Here is what that means for security teams betting on agentic AI.

Jun 21, 20267 min read
AI Security (Page 8) — Supply Chain Security Blog | Safeguard