Product
In-depth guides and analysis on product from the Safeguard engineering team.
68 articles
Safeguard Is Now in Your Browser: the Chrome Extension Is Live
One click on the Chrome Web Store puts Griffin AI search in a side panel next to any tab — one permission, no host access, no data collection, under 8 KiB. Here's what it does and why we built it so small.
What's New: Live Agentic Search, a Real Trust Center, and Safeguard in Your Browser
A tour of this month's releases — watching Griffin work in real time, publishing your security posture and artifacts to a governed Trust Center, and reaching Safeguard from the browser, CLI, IDE, and MCP.
Safeguard Expands Into a Unified, AI-Native Defensive Security Platform
Safeguard is growing from a posture and findings platform into a first-party detection and prevention platform — first-party AppSec, defensive red-teaming, AI security, data security, runtime/CNAPP, and a supply-chain package firewall — all feeding one prioritized findings model.
Set It and Forget It: Onboarding the Guard SDK Just Got a Lot Simpler
Generate a secret key from Settings, drop it into the Guard SDK, and your live security policy is enforced automatically — no manual wiring, no restarts when policy changes. OAuth login is available too.
Introducing the Package Firewall and AI Model-Artifact Scanning
Two supply-chain defenses are rolling out on Safeguard: an install-time Package Firewall that blocks malicious npm and pip packages before they resolve, and AI model-artifact scanning that inspects model weights — now including ONNX — for malware before they load.
Introducing First-Party SAST and DAST: One Findings Model Across Code and Runtime
Safeguard is extending the platform with first-party static (SAST) and dynamic (DAST) application security testing — sharing one unified findings model with SCA, secrets, container, and IaC, with defensive-only DAST that only ever touches targets you've proven you own.
Dependabot alerts vs CodeQL analysis: what's the difference
Dependabot flags known vulnerabilities in dependencies; CodeQL finds flaws in your own code. Here's how the two differ inside GitHub Advanced Security.
GitHub for Beginners: getting started with GitHub securit...
A beginner's guide to GitHub's free security tools, what GitHub Advanced Security actually adds, its 2025 pricing shift, and the supply chain gaps neither one covers.
GitHub Advanced Security setup made simple: guided config...
GitHub Advanced Security setup takes weeks, not clicks. Here's what GHAS configuration really involves, what it costs in 2026, and how Safeguard cuts the tuning work.
GitHub Advanced Security for Azure DevOps: general availa...
GitHub Advanced Security for Azure DevOps hit GA on June 1, 2023 at $49/committer/month. Here's what it covers, what it misses, and how Safeguard fills the gaps.
Safeguard Is Now a Connector in Claude: Continuous Compliance Monitoring for Enterprise AI
Connect Safeguard to Claude Enterprise and Claude Platform to turn Claude activity logs into real-time AI compliance monitoring, audit-ready SOC 2 / NIST / PCI-DSS evidence, and policy enforcement — activity logs only, never conversation content.
Cloud Scanning vs Hybrid Scanning: Deployment Models for ...
SaaS vs self-hosted SCA deployment compared on data residency, air-gap support, and audit scope, with a look at how Safeguard's flexible deployment model differs from cloud-only platforms.