Safeguard
Tag

ai-governance

Safeguard articles tagged "ai-governance" — guides, analysis, and best practices for software supply chain and application security.

31 articles

Industry Analysis

The emerging role of the AI security engineer

OWASP's 2025 LLM Top 10 ranks prompt injection #1 and calls it structurally unfixable by parameterization — a signal that AppSec skills alone no longer cover the job.

Jul 9, 20267 min read
AI Security

The OWASP Top 10 for LLM Applications, Explained

The OWASP LLM Top 10 is the closest thing the field has to a shared checklist for AI security. Here is what each of the ten risks actually means, in plain language, with the defenses that matter.

Jul 8, 20266 min read
AI Security

AI Red Teaming vs. AI-SPM: Why You Need Both

OWASP's 2025 LLM Top 10 and MITRE ATLAS both treat adversarial testing and posture scanning as separate disciplines — most AI programs still run only one.

Jul 8, 20265 min read
AI Security

GPT-5.5-Cyber and Trusted Access: The Dual-Use Governance Questions Defenders Should Be Asking

OpenAI's Daybreak ships a permissive, offensive-capable model behind a tiered Trusted Access program and a wave of government partnerships. Here's what model-risk, procurement, and security-policy teams should demand before they rely on it.

Jun 23, 20266 min read
Product

Safeguard Is Now a Connector in Claude: Continuous Compliance Monitoring for Enterprise AI

Connect Safeguard to Claude Enterprise and Claude Platform to turn Claude activity logs into real-time AI compliance monitoring, audit-ready SOC 2 / NIST / PCI-DSS evidence, and policy enforcement — activity logs only, never conversation content.

Jun 12, 20265 min read
AI Security

AI & LLM Governance for Software Development

Sonatype flags bad packages after the fact. Here's what AI governance for software development requires, and how Safeguard tracks models and output together.

Jun 4, 20268 min read
AI Security

Shadow AI: Finding and Governing the Tools Your Employees Already Use

Most of your organization is already using AI you never approved. Here is how to discover it, govern it, and offer sanctioned alternatives before it becomes a breach.

Jun 3, 20267 min read
AI Security

AI governance frameworks: managing risk in AI-built software

AI governance frameworks like NIST AI RMF and the EU AI Act now govern AI-built software. Here's what they require, and where JFrog's artifact-first approach falls short.

May 31, 20267 min read
AI Security

Responsible AI principles: what vendors commit to when bu...

What should a "responsible AI" commitment from a security vendor actually contain? A breakdown of the regulations, disclosures, and JFrog comparison every buyer should check.

May 29, 20268 min read
AI Security

Claude Opus 4.8 for Security Teams: Capabilities, AppSec Use, and Governance (May 2026)

Anthropic shipped Claude Opus 4.8 on May 28, 2026, with sharper agentic coding and better honesty about its own work. Here is what it changes for vulnerability triage, fix-PRs, and the governance you need before it touches your pipeline.

May 28, 202616 min read
AI Security

ISO 42001 and AI Management Systems for Security Teams

ISO 42001 makes AI governance auditable and certifiable. Here's what security teams need to build an AIMS, where Endor Labs' AI code-risk scoring falls short, and how Safeguard closes the gap.

May 14, 20267 min read
Tools

Anthropic Claude vs OpenAI GPT: Enterprise Security in 2026

A pragmatic comparison of Claude and GPT for enterprise deployments in 2026, focused on the security and governance controls that matter to a buyer.

May 13, 20266 min read
ai-governance — Safeguard Blog