Product Update

Safeguard 5.0: The Next Generation of Software Supply Chain Security

Safeguard 5.0 introduces Griffin AI, expanded SBOM analysis, and a redesigned policy engine. Here is what is new and why it matters for your security program.

Nayan Dey
Threat Intelligence Analyst
5 min read

We are excited to announce the general availability of Safeguard 5.0, the most significant update to our platform since its inception. This release reflects everything we have learned from working with security teams, development organizations, and compliance officers over the past year. It is built around three core principles: deeper visibility, smarter prioritization, and seamless integration into existing workflows.

What is New in Safeguard 5.0

Griffin AI: Intelligent Vulnerability Analysis

The headline feature of Safeguard 5.0 is Griffin AI, our new AI-powered analysis engine. Griffin does not just match CVEs to software versions; it analyzes the context of each vulnerability within your specific environment to provide actionable intelligence.

Griffin AI provides:

Reachability analysis. Not every vulnerability in your dependency tree is actually exploitable in your application. Griffin analyzes call graphs and code paths to determine whether a vulnerable function is actually invoked by your code. A critical CVE in a library you depend on matters much less if your application never calls the vulnerable function.

Exploit prediction. Using historical patterns and vulnerability characteristics, Griffin predicts the likelihood that a newly disclosed CVE will be weaponized by threat actors. This helps security teams focus on the vulnerabilities most likely to be exploited, rather than treating every critical-severity CVE as equally urgent.

Remediation recommendations. Griffin suggests specific remediation actions, including the minimum version upgrade needed to address a vulnerability, potential breaking changes to watch for, and alternative packages if the vulnerable dependency is unmaintained.

Expanded SBOM Analysis

Safeguard 5.0 significantly expands our SBOM capabilities:

Multi-format support. We now support SPDX 2.3, CycloneDX 1.5 and 1.6, and our own enriched format. Import and export in any supported format, with automatic conversion between formats.

Runtime SBOM generation. In addition to build-time SBOM generation, Safeguard 5.0 can generate SBOMs from running containers and deployed applications. This captures the actual software in production, including dynamically loaded libraries and runtime dependencies that build-time analysis may miss.

SBOM diff and drift detection. Compare SBOMs across versions to see exactly what changed between releases. Detect drift between the expected SBOM (from the build) and the actual SBOM (from production) to identify unauthorized modifications or missing components.
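To make the diff-and-drift idea concrete, here is an added example (not Safeguard's own code or SBOM format) that compares a build-time SBOM against a runtime SBOM and turns the differences into drift findings. It assumes a minimal CycloneDX 1.5-style JSON layout with a top-level `components` list of `name`, `version` and `purl` fields; both sample documents are constructed for the example. Components are keyed on the purl without its version so that a version change shows up as drift rather than as one removal plus one addition.

```python
"""
Added example (not Safeguard's code): diff two SBOMs and flag drift between
the expected (build-time) and actual (runtime) inventory.

Assumptions: both documents use a minimal CycloneDX 1.5-style JSON layout with a
top-level "components" list of {"name", "version", "purl"}; the sample SBOMs
below are constructed for illustration.
"""
import json

# Constructed build-time SBOM (what CI says went into the image).
EXPECTED_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"name": "requests", "version": "2.31.0", "purl": "pkg:pypi/requests@2.31.0"},
        {"name": "urllib3", "version": "2.0.7", "purl": "pkg:pypi/urllib3@2.0.7"},
        {"name": "certifi", "version": "2023.7.22", "purl": "pkg:pypi/certifi@2023.7.22"},
    ],
})

# Constructed runtime SBOM (what was actually observed in the running container).
ACTUAL_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"name": "requests", "version": "2.31.0", "purl": "pkg:pypi/requests@2.31.0"},
        {"name": "urllib3", "version": "1.26.18", "purl": "pkg:pypi/urllib3@1.26.18"},
        {"name": "paramiko", "version": "3.3.1", "purl": "pkg:pypi/paramiko@3.3.1"},
    ],
})


def _index(sbom_json: str) -> dict:
    """Map a component identity (purl without its version, else the name) to its version."""
    doc = json.loads(sbom_json)
    index = {}
    for comp in doc.get("components", []):
        purl = comp.get("purl", "")
        key = purl.split("@", 1)[0] if purl else comp["name"]
        index[key] = comp.get("version", "")
    return index


def diff_sboms(expected_json: str, actual_json: str) -> dict:
    """Return components added, removed, or changed in version between two SBOMs."""
    expected = _index(expected_json)
    actual = _index(actual_json)
    added = sorted(set(actual) - set(expected))
    removed = sorted(set(expected) - set(actual))
    changed = sorted(
        (key, expected[key], actual[key])
        for key in set(expected) & set(actual)
        if expected[key] != actual[key]
    )
    return {"added": added, "removed": removed, "changed": changed}


def detect_drift(expected_json: str, actual_json: str) -> list:
    """Turn a diff into drift findings: any build/runtime difference is worth a look."""
    diff = diff_sboms(expected_json, actual_json)
    findings = []
    for key in diff["added"]:
        findings.append(f"UNEXPECTED_COMPONENT {key} present at runtime but absent from build SBOM")
    for key in diff["removed"]:
        findings.append(f"MISSING_COMPONENT {key} in build SBOM but not observed at runtime")
    for key, exp_v, act_v in diff["changed"]:
        findings.append(f"VERSION_DRIFT {key} expected {exp_v} observed {act_v}")
    return findings


if __name__ == "__main__":
    for finding in detect_drift(EXPECTED_SBOM, ACTUAL_SBOM):
        print(finding)
```

Run against the constructed documents, the example reports one unexpected component (`paramiko`), one missing component (`certifi`), and one version drift (`urllib3` downgraded from 2.0.7 to 1.26.18). A downgrade like that is exactly the kind of change that reintroduces a patched vulnerability and is invisible to build-time analysis alone.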

Dependency graph visualization. Interactive visualization of your entire dependency tree, with vulnerability annotations showing where risks exist in the supply chain. Quickly identify which transitive dependencies are introducing risk and which direct dependencies can be updated to resolve them.

Redesigned Policy Engine

The policy engine in Safeguard 5.0 has been rebuilt from the ground up:

Policy as code. Define security policies in YAML or JSON and manage them through your existing GitOps workflows. Policies can be versioned, reviewed, and deployed alongside your application code.

Granular conditions. Policies can now evaluate complex conditions including vulnerability severity, EPSS score, exploit availability, dependency depth, license type, and custom metadata. Create policies that match your organization's specific risk tolerance and compliance requirements.

CI/CD integration. Policy gates integrate directly with GitHub Actions, GitLab CI, Jenkins, and other CI/CD platforms. Builds that violate policy can be blocked, warned, or flagged for review, depending on the policy configuration.
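The policy-as-code, granular-conditions and CI/CD-gate paragraphs above describe one pipeline: declarative rules, evaluated against findings, producing a block/warn/pass decision. The following added example (not Safeguard's policy schema or engine) shows that pipeline end to end with a small JSON policy. The rule fields (`min_severity`, `min_epss`, `exploit_available`, `max_depth`, `license_in`), the sample findings and the CVE identifiers of the form `CVE-EXAMPLE-nnnn` are all constructed placeholders for illustration.

```python
"""
Added example (not Safeguard's policy format): a small policy-as-code evaluator
that applies the kinds of granular conditions described above (severity, EPSS
score, exploit availability, dependency depth, license) to a set of findings
and returns a CI gate decision.

Assumptions: the policy schema, field names, sample findings and the
CVE-EXAMPLE-* identifiers below are constructed for this example.
"""
import json

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed policy: every condition under "when" must hold for the rule to fire.
POLICY = json.loads("""
{
  "rules": [
    {
      "name": "block-known-exploited-high-or-critical",
      "action": "block",
      "when": {"min_severity": "high", "exploit_available": true}
    },
    {
      "name": "block-likely-exploited-direct-deps",
      "action": "block",
      "when": {"min_severity": "high", "min_epss": 0.1, "max_depth": 1}
    },
    {
      "name": "warn-copyleft-license",
      "action": "warn",
      "when": {"license_in": ["GPL-3.0-only", "AGPL-3.0-only"]}
    }
  ]
}
""")

# Constructed findings: one per component; depth 1 means a direct dependency.
FINDINGS = [
    {"component": "pkg:npm/lodash@4.17.20", "cve": "CVE-EXAMPLE-0001", "severity": "high",
     "epss": 0.02, "exploit_available": True, "depth": 3, "license": "MIT"},
    {"component": "pkg:npm/left-pad@1.3.0", "cve": None, "severity": "low",
     "epss": 0.0, "exploit_available": False, "depth": 1, "license": "GPL-3.0-only"},
    {"component": "pkg:npm/minimist@1.2.5", "cve": "CVE-EXAMPLE-0002", "severity": "critical",
     "epss": 0.35, "exploit_available": False, "depth": 2, "license": "MIT"},
]


def rule_matches(when: dict, finding: dict) -> bool:
    """Return True only if every condition in the rule's 'when' clause holds for the finding."""
    if "min_severity" in when:
        if SEVERITY_RANK.get(finding["severity"], 0) < SEVERITY_RANK[when["min_severity"]]:
            return False
    if "min_epss" in when and finding["epss"] < when["min_epss"]:
        return False
    if "exploit_available" in when and finding["exploit_available"] != when["exploit_available"]:
        return False
    if "max_depth" in when and finding["depth"] > when["max_depth"]:
        return False
    if "license_in" in when and finding["license"] not in when["license_in"]:
        return False
    return True


def evaluate(policy: dict, findings: list) -> list:
    """Collect every (rule, finding) pair where the rule fires."""
    violations = []
    for finding in findings:
        for rule in policy["rules"]:
            if rule_matches(rule["when"], finding):
                violations.append({"rule": rule["name"], "action": rule["action"],
                                   "component": finding["component"]})
    return violations


def gate_decision(violations: list) -> str:
    """Most severe action wins: any 'block' blocks the build, else 'warn', else 'pass'."""
    actions = {v["action"] for v in violations}
    if "block" in actions:
        return "block"
    if "warn" in actions:
        return "warn"
    return "pass"


if __name__ == "__main__":
    found = evaluate(POLICY, FINDINGS)
    for v in found:
        print(f'{v["action"].upper():5} {v["rule"]}: {v["component"]}')
    print("gate:", gate_decision(found))
```

Note how the conditions interact: the `minimist` finding is critical with a high EPSS score, yet it passes both block rules because no exploit is known and it is a transitive (depth 2) dependency, while the lower-scored `lodash` finding blocks the build because an exploit exists. That is the difference between severity-only gating and the context-aware gating the granular conditions are meant to enable, and it is also why the `when` clauses deserve the same code review as the application itself.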

Compliance mapping. Policies can be mapped to specific regulatory requirements (NIST SP 800-218, EU CRA, PCI DSS 4.0, etc.), so policy violations automatically generate compliance findings.

Architecture Improvements

Under the hood, Safeguard 5.0 includes significant performance and scalability improvements:

Parallel SBOM processing. Large SBOMs with thousands of components are now processed in parallel, reducing analysis time from minutes to seconds.

Incremental vulnerability correlation. When new CVEs are published, Safeguard incrementally correlates them against your existing SBOMs rather than re-processing everything. This means new vulnerability alerts are generated within minutes of CVE publication.

API-first design. Every capability in Safeguard 5.0 is accessible through our REST API, enabling deep integration with security orchestration platforms, ticketing systems, and custom workflows.

Migration Guide

For existing Safeguard customers, the upgrade to 5.0 is straightforward:

  • All existing SBOMs and vulnerability data are automatically migrated.
  • Existing policy configurations are converted to the new format.
  • API endpoints from Safeguard 4.x remain available during a transition period.

We recommend reviewing the new policy engine capabilities, as many organizations will want to take advantage of the more granular conditions and compliance mapping features.

What is Next

Safeguard 5.0 is the foundation for our 2025 roadmap, which includes:

  • IDE extensions (coming in Q2) for real-time vulnerability feedback during development.
  • Hardware SBOM support for firmware and IoT device analysis.
  • Expanded regulatory compliance coverage for the EU Cyber Resilience Act.
  • Advanced AI capabilities in Griffin, including natural language querying of your security posture.

We built Safeguard 5.0 to be the platform that security teams actually want to use, not just another compliance checkbox tool. We hope you will give it a try.

How Safeguard.sh Helps

Safeguard 5.0 represents our commitment to making software supply chain security practical, actionable, and integrated into the way modern development teams work. Whether you are managing SBOMs for regulatory compliance, prioritizing vulnerabilities in a sea of CVEs, or trying to enforce security policies without slowing down development, Safeguard 5.0 is built for you.

Visit safeguard.sh to explore the new features, or reach out to our team for a personalized walkthrough of how Safeguard 5.0 can strengthen your organization's security posture.
