Safeguard
Tag

ai-security

Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.

532 articles

AI Security

Securing MCP Servers Without Killing Developer Velocity

MCP servers are spreading inside engineering orgs faster than security teams can review them. Here is how to govern them without slowing teams down.

Apr 12, 20267 min read
AI Security

Why LLMs Are Structurally Insecure (and What That Means for Your Pipeline)

Language models are not insecure because of a bug you can patch. They are insecure by construction — non-deterministic, context-poisonable, and unreproducible. Here is how to reason about them without pretending otherwise.

Apr 12, 20267 min read
AI Security

Auto-PR Remediation Without Broken Builds

Automated fix pull requests sound great until half of them fail CI. Here is how to ship auto-PR remediation that keeps the green build, every time.

Apr 11, 20267 min read
AI Security

DSPM for AI: navigating data and AI compliance regulations

DSPM for AI closes the gap traditional tools miss: tracking sensitive data through embeddings, fine-tuning, and vector stores to meet EU AI Act and Colorado AI Act requirements.

Apr 11, 20268 min read
AI Security

API Surface Reviewed: Griffin AI vs Mythos

Most platform comparisons stop at features. The API surface is where automation and integration actually happen — and where vendors quietly diverge.

Apr 10, 20265 min read
AI Security

Why LLM-Based Vulnerability Scanning Needs More Than a Single Model

Large language models are being used to find vulnerabilities in open-source code. But a single model, no matter how capable, isn't enough. Here's why multi-agent orchestration, structured CWE analysis, and deep context matter more than model size.

Apr 10, 202611 min read
AI Security

Zero-Day Discovery In Your Dependency Graph

Most zero-days that hurt enterprises in 2026 live three or four hops deep in the dependency graph. Here is what it takes to actually find them there.

Apr 9, 20267 min read
AI Security

OWASP Top 10 for LLM Applications, Explained

A practitioner's walkthrough of the OWASP Top 10 for LLM Applications: what each risk looks like in a real system, which ones bite first, and the mitigations that hold up.

Apr 9, 20266 min read
AI Security

Claude Code and AI Coding Agent Security Basics

Anthropic Claude Code security rests on permission gating, sandboxed execution, and human approval for risky actions — the same fundamentals any AI coding agent needs before it's allowed to run commands or edit code unattended.

Apr 9, 20265 min read
AI Security

Agentic AI Budget Explosions And Cost Controls

Agent runaway is no longer a theoretical risk — it is a line item on quarterly variance reports. The 2026 trend in agentic AI is less about model capability and more about who pays when an agent loops.

Apr 8, 20267 min read
AI Security

Enterprise MCP Registry Onboarding Process

A repeatable onboarding flow for adding MCP servers to an enterprise registry without becoming the team that says no to everything.

Apr 8, 20267 min read
AI Security

LLM Traces and Evals: The Missing Layer in AI Supply Chain Security

Prompt traces and offline evals are standard hygiene for ML teams, but almost nobody treats them as supply chain telemetry. They should be. Here's how traces and evals plug into SBOM and reachability as a fourth security signal.

Apr 8, 20267 min read
ai-security (Page 15) — Safeguard Blog