When we shipped Griffin AI as part of Safeguard v5, the pitch was simple: ask questions about your software inventory in plain English and get answers without writing queries. It worked. Security analysts loved it. Mean-time-to-answer dropped by 80% for common questions.
But we heard the feedback: Griffin v1 was good at answering questions. It was not good at solving problems.
"Which services use OpenSSL 1.1.1?" is a useful question to answer. But what the analyst actually needs is: identify the affected services, determine which vulnerabilities are exploitable, generate a remediation plan, and produce the pull requests to fix them. Griffin v1 handled step one. The analyst did the rest manually.
Griffin AI v2 closes that gap.
What's New
Multi-Step Reasoning
Griffin v1 processed each query independently. No memory of previous questions, no ability to build on earlier results. If you asked "which services use log4j?" and then "which of those are internet-facing?", Griffin v1 could not connect the two questions.
Griffin v2 maintains conversation context across a session. It understands follow-up questions, can chain analyses together, and builds a working model of the problem you are investigating. The result is a conversational investigation experience rather than a series of disconnected lookups.
Under the hood, this is powered by a session-scoped context window that includes the SBOM data, policy configuration, and infrastructure topology relevant to the current investigation. Griffin v2 does not just remember what you asked — it remembers the data it retrieved, the filters it applied, and the conclusions it drew.
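The session context described above can be sketched as a small working-memory structure. This is an illustrative model, not Safeguard's actual internals; all class and field names here are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class InvestigationContext:
    """Hypothetical session-scoped working memory for one investigation."""
    queries: list = field(default_factory=list)     # what the analyst asked
    retrieved: dict = field(default_factory=dict)   # data pulled at each step
    filters: list = field(default_factory=list)     # filters applied so far

    def record_step(self, query, results, applied_filter=None):
        step = len(self.queries)
        self.queries.append(query)
        self.retrieved[step] = results
        if applied_filter:
            self.filters.append(applied_filter)
        return step

    def working_set(self):
        # A follow-up like "which of those are internet-facing?" operates on
        # the most recent result set, not the whole inventory.
        return self.retrieved[len(self.queries) - 1] if self.queries else []

ctx = InvestigationContext()
ctx.record_step("which services use log4j?", ["billing", "search", "auth"])
# The follow-up question filters the previous step's results:
ctx.record_step("which of those are internet-facing?",
                [s for s in ctx.working_set() if s in {"billing", "search"}],
                applied_filter="internet_facing")
```

The key design point is that each step narrows the previous step's working set rather than re-querying the full inventory, which is what makes the chained-question experience possible.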
Remediation Generation
This is the feature we are most excited about. When Griffin v2 identifies a vulnerability that needs fixing, it can generate a remediation pull request.
Here is how it works:
- Griffin identifies that Service X uses `lodash@4.17.20`, which has a known command injection vulnerability (CVE-2021-23337)
- Griffin checks the package registry and determines that `lodash@4.17.21` contains the fix
- Griffin analyzes the Service X codebase to verify there are no breaking API changes between the two versions
- Griffin generates a PR that bumps the version in `package.json` and `package-lock.json`, with a description explaining the vulnerability, the fix, and the risk assessment
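The steps above can be sketched as a planning function that assembles the PR payload. Function and field names are illustrative assumptions, not Safeguard's real API.

```python
# Hedged sketch of the remediation planning step; names are hypothetical.

def plan_remediation(service, package, current, fixed, cve):
    """Produce a remediation PR plan: bump the dependency and explain why."""
    files = {
        "package.json": f'"{package}": "^{fixed}"',
        "package-lock.json": f"{package}@{fixed} (resolved)",
    }
    description = (
        f"Bump {package} from {current} to {fixed} in {service}.\n"
        f"Fixes {cve}. No breaking API changes detected between versions."
    )
    return {
        "service": service,
        "files": files,
        "description": description,
        "requires_review": True,  # Griffin never merges autonomously
    }

pr = plan_remediation("service-x", "lodash", "4.17.20", "4.17.21",
                      "CVE-2021-23337")
```

Note the `requires_review` flag: the plan is always a proposal, matching the human-approval requirement described above.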
The PR still requires human review and approval. Griffin v2 does not merge anything autonomously. But it eliminates the manual work of researching the fix, checking compatibility, and writing the update code.
In our beta program, remediation PRs generated by Griffin v2 had a 78% acceptance rate without modifications. The remaining 22% required minor adjustments, typically related to test configuration or peer dependency conflicts that Griffin could not fully resolve.
Organizational Context
Griffin v1 treated every query as if it came from a generic user. Griffin v2 understands your organization's structure, policies, and priorities.
If your organization has a policy that production services must not use dependencies with CVSS scores above 9.0, Griffin v2 knows that. When you ask "what's our biggest risk right now?", it prioritizes findings that violate your policies over findings that are generically severe but within your risk tolerance.
This organizational context includes:
- Policy gates and their configurations
- Service criticality tiers (which services are Tier 1 vs. Tier 3)
- Deployment environments (production, staging, development)
- Team ownership (which team owns which services)
- Historical remediation patterns (how quickly does Team A typically fix critical vulnerabilities?)
The result is answers that are specific to your organization rather than generic security advice.
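As a rough illustration of how policy-aware prioritization might differ from generic severity ranking, consider the following sketch. The policy shape and field names are assumptions for demonstration only.

```python
# Illustrative: rank findings so policy violations outrank generically
# severe findings that are within the org's stated risk tolerance.

POLICY = {"max_cvss_production": 9.0}  # hypothetical org policy gate

def violates_policy(finding):
    return (finding["environment"] == "production"
            and finding["cvss"] > POLICY["max_cvss_production"])

def prioritize(findings):
    # Policy violations first (False sorts before True),
    # then descending CVSS within each group.
    return sorted(findings, key=lambda f: (not violates_policy(f), -f["cvss"]))

findings = [
    {"id": "A", "cvss": 9.8, "environment": "staging"},     # severe, tolerated
    {"id": "B", "cvss": 9.1, "environment": "production"},  # violates the gate
]
ranked = prioritize(findings)
```

A generic severity sort would put finding A first; the policy-aware sort surfaces B, because it actually breaks a rule the organization has committed to.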
Natural Language Policy Authoring
Writing policy gates in Safeguard v5 required understanding our policy DSL. It was not difficult, but it was a barrier for security analysts who think in terms of intent rather than syntax.
Griffin v2 can create and modify policies from natural language descriptions:
"Block any deployment that includes a dependency with an active CISA KEV entry"
Griffin v2 translates this into the corresponding policy gate configuration, shows you the result for review, and applies it upon approval. It handles edge cases by asking clarifying questions — "Should this apply to all environments or just production?" — rather than making assumptions.
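The translated gate might look something like the structure below. This is a hedged guess at the shape of the output; the field names are not Safeguard's real policy schema.

```python
# Hypothetical result of translating the natural-language request above.
nl_request = ("Block any deployment that includes a dependency "
              "with an active CISA KEV entry")

policy_gate = {
    "name": "block-cisa-kev",
    "trigger": "deployment",
    "condition": {"source": "cisa_kev", "match": "any_dependency"},
    "action": "block",
    "environments": ["production"],  # answer to the clarifying question
    "status": "pending_review",      # applied only after analyst approval
}
```

The `status` field reflects the review-then-apply flow: nothing takes effect until the analyst approves the generated configuration.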
Architecture
Griffin v2 runs on a retrieval-augmented generation (RAG) architecture with several key improvements over v1:
Vector-indexed SBOM data. Your entire SBOM inventory is indexed for semantic search, enabling Griffin to find relevant components even when the query uses imprecise language. Asking about "that JSON parsing library we use everywhere" works as well as asking about "jackson-databind."
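The mechanism behind that kind of fuzzy lookup is cosine similarity over embedding vectors. The toy example below uses hand-made three-dimensional vectors purely to demonstrate the idea; a real system would use a learned embedding model over a much higher-dimensional space.

```python
import math

# Toy vector index: component name -> hand-made embedding (illustrative only).
INDEX = {
    "jackson-databind": [0.9, 0.8, 0.1],   # JSON parsing, JVM
    "log4j-core":       [0.1, 0.2, 0.9],   # logging, JVM
}

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    norm_a = math.sqrt(sum(x * x for x in a))
    norm_b = math.sqrt(sum(y * y for y in b))
    return dot / (norm_a * norm_b)

def semantic_lookup(query_vec):
    # Return the indexed component whose embedding is closest to the query.
    return max(INDEX, key=lambda name: cosine(query_vec, INDEX[name]))

# "that JSON parsing library we use everywhere" embeds near jackson-databind:
hit = semantic_lookup([0.85, 0.75, 0.05])
```

Because matching happens in embedding space rather than by string comparison, an imprecise description lands on the right component even though it never mentions the package name.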
Real-time vulnerability feeds. Griffin v2 has live access to NVD, OSV, CISA KEV, and EPSS data. When it assesses risk, it uses current information, not a stale snapshot.
Code analysis integration. For remediation generation, Griffin v2 integrates with your source control to read repository contents, understand dependency configurations, and generate accurate pull requests.
Guardrails. Every Griffin v2 response includes citations — links to the SBOM data, vulnerability records, and policy configurations that informed the answer. This is not a black box. You can verify every claim.
What We Learned from the Beta
We ran the Griffin v2 beta with 40 organizations over three months. Here is what we learned:
Conversation length matters. The average productive conversation with Griffin v2 is 6-8 messages. Beyond that, the context window becomes unwieldy and response quality degrades. We addressed this by implementing automatic context summarization at conversation boundaries.
Remediation PRs need conservative defaults. Early beta users were surprised when Griffin generated PRs that bumped major versions. We tightened the default to only generate PRs for patch and minor version updates. Major version bumps require explicit user request.
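The conservative default described above amounts to a semver check before generating a PR. A minimal sketch, assuming plain `major.minor.patch` version strings:

```python
def bump_type(current, target):
    """Classify a version change as major, minor, or patch (semver-style)."""
    cur = [int(p) for p in current.split(".")]
    tgt = [int(p) for p in target.split(".")]
    if tgt[0] != cur[0]:
        return "major"
    return "minor" if tgt[1] != cur[1] else "patch"

def should_auto_generate(current, target, user_requested_major=False):
    # Patch and minor bumps are generated by default;
    # major bumps require an explicit user request.
    return bump_type(current, target) != "major" or user_requested_major
```

This sketch ignores pre-release tags and build metadata; a production implementation would need a full semver parser.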
Organizational context is a cold-start problem. Griffin v2 is dramatically more useful once it has ingested your policies, service catalog, and team ownership data. The onboarding flow now prioritizes these integrations.
Analysts use Griffin v2 differently than they used v1. Griffin v1 was a lookup tool — quick questions, quick answers. Griffin v2 is an investigation partner. Analysts use it for extended triage sessions, working through a set of findings and generating remediation plans as they go.
Availability
Griffin AI v2 is available today for all Safeguard customers on the Team and Enterprise plans. If you are on the Free plan, you get a limited number of Griffin v2 queries per month to try it out.
Existing Griffin v1 conversations continue to work. The upgrade is automatic — your next conversation will use the v2 engine.
How Safeguard.sh Helps
Griffin AI v2 is the most significant upgrade to Safeguard since v5 launched. It transforms the platform from a tool you query to a partner that helps you solve security problems end-to-end. If your team spends hours triaging vulnerabilities, researching fixes, and writing update PRs, Griffin v2 can compress that workflow from hours to minutes. And because it understands your organizational context, the answers are specific to your environment, not generic advice you could get from a Google search.