ai-security
Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.
532 articles
Docker + MCP: Running MCP Servers in Containers Securely
MCP servers run with your credentials and your filesystem unless you say otherwise. Containerizing them with read-only mounts, dropped capabilities, and egress controls turns an open-ended trust grant into a bounded one.
Human Review Gate For AI-Generated Fix PRs
AI-authored fix PRs are only safe when there is a deliberate human review gate in front of them. Here is how to build one that is fast and trustworthy.
AI Cybersecurity Threats: The 2026 Landscape
AI has made the median attacker faster and the median phish flawless, while LLM-powered apps opened a new bug class entirely. What actually changed, and what still works.
AI cybersecurity hub (AI-driven threat detection)
Prisma Cloud's AI-driven detection watches runtime behavior, but AI in cybersecurity still misses supply chain attacks like XZ Utils. Provenance matters more.
From CVE To Zero-Day: The Pipeline Flip
Most security pipelines are organised around CVEs that already exist. Here is what changes when you flip the pipeline to surface zero-days first instead.
Prompt Injection in RAG: Indirect Attacks
A senior engineer's breakdown of indirect prompt injection in RAG pipelines, how real attacks land through retrieved content, and what actually reduces exposure.
Real-World Deployment: Griffin AI vs Mythos
Demos live on a single repo and a curated dataset. Real deployments hit fifty repos, three CI providers, two cloud accounts, and an air-gapped environment. The gap is where vendors get sorted.
MCP Vulnerability Disclosure Trends In 2026
MCP servers went from a niche protocol to standard agent infrastructure in under two years. The vulnerability disclosure landscape is catching up — fast, messily, and with patterns worth tracking.
Scoped Credentials Per MCP Server: A Pattern
Long-lived shared tokens are the wrong unit of trust for MCP servers. Here is the per-server scoped-credential pattern and how to roll it out.
Breaking-Change-Aware Remediation In 2026
Most fix PRs fail because they ignore breaking changes in the patched version. Here is how breaking-change-aware remediation closes vulns without regressions.
How DevOps Teams Actually Use AI Today
How can a DevOps team take advantage of artificial intelligence without adding risk? Mostly by pointing it at toil — log triage, test generation, and incident summarization — not by handing it the keys to production.
Safeguard Griffin AI: Eval Benchmarks Published
Griffin AI's evaluation harness results published for the first time. Benchmark methodology, comparison against baselines, and what the numbers mean for production use.