ai-security
Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.
532 articles
What is RAG (Retrieval-Augmented Generation) Security
RAG pipelines blend retrieved data with model instructions, creating prompt injection, poisoning, and embedding-leak risks traditional AppSec tools miss.
GenAI Coding Agent Privilege Escalation
Autonomous coding agents can escalate privilege in subtle ways that traditional threat models miss. A breakdown of the common escalation paths and how to constrain them.
LLM Selection For Security Workflows
Picking a model for a security workflow is not the same as picking one for a chatbot. Here are the criteria that actually matter and how to weigh them.
Open-Source LLM Supply Chain Incidents 2026
Open-source LLM ecosystems hit a turning point in 2026 as supply chain incidents — backdoored fine-tunes, compromised weights, malicious adapter packages — moved from rare to recurring.
Enterprise AI Data Residency Requirements, 2026
Data residency for AI workloads has moved from nice-to-have to contractually required. The shape of the requirement is specific and worth knowing before procurement.
From CVE To PR: The Full Remediation Pipeline
A complete walkthrough of the modern remediation pipeline, from advisory ingestion through merged and deployed fix, with every stage that actually matters.
Injection Path Detection: Griffin AI vs Mythos
Injection vulnerabilities are not really about the sink. They are about the path from untrusted input to the sink. The path is where Griffin AI and Mythos-class tools diverge.
Fine-Tuning Poisoning Detection for Supply Chains
Fine-tuning inherits every problem of the base model and adds dataset provenance as a new one. Here is how detection actually works in practice.
LLM-As-Judge Pitfalls In Security Evals
Using an LLM to score another LLM's output is expedient and dangerous. The judge has its own biases — ones that affect security evaluations specifically.
Griffin AI vs GPT-5: Enterprise Controls
Frontier models offer impressive enterprise features. Security programs need deeper controls than chat can provide—controls that live in the engine around the model.
Why Engine-Plus-LLM Beats Pure-LLM: Griffin vs Mythos
The structural case for engine-plus-LLM security reasoning — and why pure-LLM products in the Mythos class hit a ceiling that no parameter count can raise.
Task-Routed LLM Architectures For Security
One model for every task wastes budget on trivial work. Task-routed architectures match model capability to task requirements — the right lever for security at scale.