ai-security
Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.
532 articles
From Finding To Merged Fix In An Hour
A one-hour cycle from vulnerability finding to merged fix is achievable in 2026, but only with a pipeline designed for it. Here is what that pipeline looks like.
Tool-Call Hijacking: Griffin AI vs Mythos
A hijacked tool call is more consequential than a hijacked response. The defence requires the tool layer to police the model, not the other way around.
Guardrails for Autonomous Code-Fixing Agents
AI agents can now open pull requests that patch vulnerabilities on their own. Without guardrails — scoped permissions, test gates, human merge approval — they can also break builds and introduce new flaws at machine speed.
Enterprise AI Center Of Excellence Blueprint
An AI Center of Excellence is not a committee. It is the function that makes AI adoption coherent across business units. The blueprint is specific.
Griffin AI vs Open Weights: Supply Chain Risks
Open-weight models give you total deployment control. They also give you a new supply chain to secure. The tradeoff is worth being explicit about.
Regression Gate Design Patterns For Security LLMs
A release gate that fails on regression is the most important operational control for AI-for-security tools. The design patterns are specific and worth copying.
Small Language Models: Security Use-Case Fit
Small language models aren't a worse version of large ones. For specific security workflows, they're the right tool — if you know which workflows.
Zero-Day Triage Without Drowning Engineers
A zero-day discovery pipeline is only as useful as the triage process around it. Here is what triage looks like when the pipeline gives engineers something they can defend.
Claude MCP Tool Poisoning Threat Model 2026
A senior engineer's threat model for Claude MCP tool poisoning in 2026, covering malicious servers, description hijacking, and the authorization patterns that actually help.
Hugging Face Token Exposure 2024 Analysis
Researchers found thousands of valid Hugging Face API tokens in public code and models. Analysis of the 2024 exposures and what they mean for ML supply chain.
Fine-Tune Drift Measured On Eval Sets
Fine-tuning to improve one task frequently regresses others. Without eval harnesses, the regressions ship. The measurable drift is larger than vendors admit.
Grounded Reasoning vs Hallucinated: Griffin AI vs Mythos
The difference between grounded reasoning and hallucinated reasoning is not eloquence — it's citation. A look at how Griffin AI anchors every claim.