ai-security
Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.
532 articles
Network egress controls for autonomous agent runtimes
Autonomous agents need network access to do useful work, and that access is exactly what attackers exploit when they trick an agent into exfiltrating data. Here is how to design egress controls that hold up under adversarial pressure.
ISO 42001 and AI Management Systems for Security Teams
ISO 42001 makes AI governance auditable and certifiable. Here's what security teams need to build an AIMS, where Endor Labs' AI code-risk scoring falls short, and how Safeguard closes the gap.
Prompt Injection Techniques and the Defenses That Actually Work
Prompt injection techniques range from direct override attempts to indirect payloads hidden in retrieved documents; here's what actually stops them.
AI Coding Agent Governance: Securing Copilot, Cursor, and...
How to govern Copilot, Cursor, and Claude Code with provenance tracking and permission scoping — beyond after-the-fact SCA scanning of agent-written code.
Nation-State Actors Operationalize AI: Inside GTIG's May 2026 Threat Tracker
Google's Threat Intelligence Group documented China, North Korea, Russia, and Iran moving AI from experiment to operations in May 2026 — AI-assisted vulnerability research, LLM-enabled malware, and obfuscated model-access infrastructure.
NIST SP 800-218A: Operationalizing AI Secure Development in 2026
NIST SP 800-218A turned the SSDF into an AI community profile in July 2024. Eighteen months later, what does real adoption look like for AI software teams?
Defending LLM agents against confused-deputy attacks on their tool privileges
An LLM agent with tools is a deputy that holds privileges its users do not. Attackers exploit that gap by tricking the agent into using those privileges on their behalf — here is how to design defenses that hold up.
Prompt-injection vectors specific to MCP servers and how to layer defenses
MCP servers expose three distinct prompt-injection surfaces — resource contents, tool outputs, and sampling requests — and each one needs its own defense layer. Here is how to think about them together.
Prompt injection attacks against AI coding/security tools
AI coding assistants like Copilot and Cursor can be hijacked by hidden text in files, comments, and packages. Here's how prompt injection malware works and how Safeguard detects it.
Security scanning for MCP servers and AI agent tool use
MCP servers give AI agents direct tool access, but most ship unvetted. Here's how security scanning catches tool poisoning and rug-pull attacks.
AI Cybersecurity Tools and Solutions: The 2026 Landscape
AI cybersecurity tools in 2026 split into three real categories — AI-augmented detection, AI-specific application security, and autonomous response — and most vendors only actually cover one.
AI Coding Assistant Security: 2026 Buyer Comparison
A security-focused buyer comparison of AI coding assistants in 2026: code quality risk, data exfiltration controls, license exposure, and policy enforcement.