Safeguard
Tag

ai-security

Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.

532 articles

AI Security

Securing MCP server registries: risks of unvetted AI tool...

Unvetted MCP servers already power tool poisoning and rug-pull attacks. Here's why package scanning like JFrog's isn't enough, and how to actually secure your MCP registry.

May 30, 20268 min read
AI Security

AI agent skills and plugin repositories: why they need th...

AI agent skills and MCP plugins are packages in disguise—executable, publicly registered, and largely ungoverned. Here's why they need npm-grade supply chain controls.

May 30, 20268 min read
AI Security

Responsible AI principles: what vendors commit to when bu...

What should a "responsible AI" commitment from a security vendor actually contain? A breakdown of the regulations, disclosures, and JFrog comparison every buyer should check.

May 29, 20268 min read
AI Security

Claude Opus 4.8 for Security Teams: Capabilities, AppSec Use, and Governance (May 2026)

Anthropic shipped Claude Opus 4.8 on May 28, 2026, with sharper agentic coding and better honesty about its own work. Here is what it changes for vulnerability triage, fix-PRs, and the governance you need before it touches your pipeline.

May 28, 202616 min read
AI Security

Securing AI coding assistants: governance patterns for to...

AI coding assistants like Claude Code and Cursor now write, install, and execute code with minimal oversight. Here's the governance framework that closes the gap JFrog's artifact scanning leaves open.

May 28, 20267 min read
AI Security

Evaluating AI Security Posture Management (AI-SPM) tools:...

A practical, criteria-based comparison of Safeguard and Mend.io for AI-SPM buyers: provenance verification, AI-BOM depth, and CI/CD policy enforcement.

May 25, 20268 min read
AI Security

Best AI red teaming tools ranked

Best AI red teaming tools ranked: how Mend.io's SCA scanning and Safeguard's exploitability-first SBOM analysis actually differ for AI supply chain risk.

May 25, 20267 min read
Buyer's Guides

Mend.io vs Noma Security: AI security platform comparison

Mend.io vs Noma Security: how these AI security platforms compare, and where Safeguard fits with its own AI-BOM, model scanning, and AI Gateway.

May 24, 20269 min read
AI Security

Claude, GPT, and Coding Harness Security: Comparing Model...

Claude and GPT both write vulnerable code by default in coding harnesses. Comparing model behavior, then Safeguard's approach versus Endor Labs' reachability-first SCA.

May 20, 20268 min read
AI Security

AI-Based Cybersecurity Tools: What to Look For

AI based cybersecurity tools range from genuinely useful triage assistants to thin wrappers around a generic model, and the difference is usually visible in how the tool handles context, not in its marketing.

May 19, 20265 min read
Cloud Security

When Configuration Is the Vulnerability: Microsoft's May 2026 Look at Exposed AI Apps on Kubernetes

Microsoft's May 14, 2026 research found AI frameworks shipping Helm charts that expose web UIs on internet-facing LoadBalancers with no authentication and cluster-admin service accounts. Mage AI on port 6789 was the headline, but it was far from alone.

May 15, 202613 min read
AI Security

Keeping secrets out of agent context windows: brokers, scoped tokens, and redaction

Every secret that touches an agent's context window is a secret the agent can leak. Just-in-time credential brokers, scoped-token issuance, and redaction layers keep the surface small without breaking the agent's ability to do real work.

May 15, 20268 min read
ai-security (Page 12) — Safeguard Blog