ai-security
Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.
532 articles
AI Agent Blast Radius Management
Every agent in production has a blast radius. Most teams have not measured theirs. Here is how to measure it and how to bring it under control.
AI-BOM Becoming Mandatory: Regulatory Trend
AI bills of materials moved from voluntary best practice to regulatory requirement in 2026. Multiple jurisdictions now require disclosure of model, data, and component lineage for high-impact AI systems.
State of AI Security in Enterprise 2026
Where enterprise AI security actually stands in 2026: model supply chain risks, agent threats, governance gaps, and the controls that measurably reduce exposure.
Remediation Prioritisation With Reachability And EPSS
CVSS alone is a bad prioritisation signal in 2026. Reachability plus EPSS gives teams a defensible order to fix the vulnerabilities that actually matter.
MCP Authentication Patterns for Enterprise
Enterprise MCP deployments need more than a static API key. The protocol is evolving toward OAuth 2.1 and dynamic client registration, and understanding which pattern fits which workload decides whether your rollout survives the first audit.
Enterprise AI Red Team Program Design
AI red teaming is not a one-off exercise. Programmatic red-teaming of AI systems requires specific structure — and most organisations don't have it yet.
The Reproducibility Crisis In AI Security Evals
ML research has a reproducibility crisis. AI security evaluation inherits it. Vendors publishing numbers that can't be reproduced are the norm — not the exception.
Auth Bypass Discovery: Griffin AI vs Mythos
Auth bypasses are rarely a single bug. They live in the interaction between layers — middleware, route handlers, framework annotations. Finding them requires path analysis across abstraction layers.
Coordinated Disclosure With Upstream Maintainers
Coordinated disclosure with open-source maintainers is a relationship business. Here is what makes it work in 2026, with the artefacts a modern pipeline gives you.
Chain-Of-Thought For Vulnerability Reasoning
Chain-of-thought helps LLMs with multi-step problems. For vulnerability reasoning, it helps — but only when the chain is grounded in structured evidence.
Eval Harness As Release Gate For AI Features
Shipping AI features without an eval harness is shipping without tests. Here is how to build one that actually gates releases without becoming a bottleneck.
Frontier Model Pricing Pressure: Architectural Response
Frontier model pricing is rising even as cheaper alternatives proliferate. The 2026 architectural response is multi-tier model routing — and the security implications are non-trivial.