ai-security
Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.
532 articles
The State of Agentic AI Adoption report
New survey data on the state of agentic AI adoption shows enterprises racing to deploy autonomous agents faster than security teams can govern them.
AI Trust Report: developer sentiment on AI-generated code
Safeguard's 2026 AI Trust Report surveyed 1,412 developers and finds 91% use AI coding tools weekly, but only 34% trust the code it produces.
5 risks of open source software in 2026
Open source now makes up most enterprise code. Here are 5 risks defining open source software security in 2026 — and how to close the exploitability gap.
Building an Eval Suite for Your Security LLM Workflows
If you use an LLM anywhere in your security program — triage, remediation, detection — you need an eval suite with the same rigor as your test suite. Here is a concrete harness: datasets, thresholds, CI gates, and drift detection.
AI in Network Security: Where It Actually Helps Today
AI in network security earns its keep in anomaly detection and alert triage today, not in autonomous response — here's the honest split between what's proven and what's still marketing.
Zero-Day Discovery With LLM-Augmented Reachability: A Safeguard Engine Walkthrough
Pattern-matching scanners miss zero-days by definition. An engine that follows taint across package boundaries plus a model that hypothesizes exploit conditions can find what either would miss alone. Here is how that pipeline works end to end.
MCP Security
MCP is standardizing how AI agents call tools, and attackers are already exploiting tool poisoning, rug pulls, and shadowing. Here's what MCP security actually requires.
Frontier LLM Vendors Are Not Your Supply Chain Security Vendor
Coding agents from OpenAI, Anthropic, and Google are excellent tools. They are also not supply chain security platforms, and the assumption that they can replace one is already producing expensive gaps.
Cybersecurity AI: Where It Genuinely Helps Today
A no-hype survey of where cybersecurity AI actually delivers measurable results right now, versus the applications still stuck in the demo stage.
Pattern Scanners Can't Find Zero-Days. This Can.
Signature-based scanners only know what other people have already named. Here is the architectural reason they cannot find zero-days, and what actually does.
AI Agent Supply Chain Attacks: 2026 Trend Watch
AI agents pull tools, models, and data from a sprawling chain of upstream providers. In 2026 attackers learned to poison that chain — and the fallout is shaping how enterprises buy and operate agentic systems.
Model Context Protocol Permissions Model Explained
MCP's permissions model is subtle. Here is a careful walkthrough of how tool scoping, sampling, and resource access actually work in production.