ai-security
Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.
532 articles
Windsurf vs Sourcegraph Cody: Security Comparison
A side-by-side security comparison of Windsurf and Sourcegraph Cody: data handling, agent scope, deployment models, and enterprise controls.
AI-Managed Security Services: What You're Actually Buying
AI managed security is sold as autonomous defense, but the honest version of the pitch is faster triage and drafted fixes with a human still signing off — worth knowing before you buy the marketing version.
Retrieval Context Poisoning At Scale
Retrieval context poisoning scales differently than direct prompt injection. The attacker's leverage grows with the RAG ingest surface.
Griffin AI vs Gemini Multimodal: Security
Gemini's multimodal capabilities are genuinely useful for some security workflows. For most security workflows, the modality is code and text, not images.
The Eval Culture Shift in AI Security
Two years ago, AI vendors shipped without evals. In 2026, the posture has shifted. Customers expect benchmarks. Vendors without them lose deals.
Source/Sink Classification: Griffin AI vs Mythos
Taint analysis only works if sources and sinks are labeled correctly. Griffin AI uses a curated catalog; Mythos-class tools infer on the fly.
MCP Server Registry Security Governance
MCP servers are becoming a new dependency class with their own supply chain risks. How to think about registry governance, verification, and enterprise ingestion policy.
Agent-to-Agent Security in Multi-Agent Systems
Multi-agent systems inherit every trust problem of single-agent systems and add a few more. Here is how the threat model actually shifts.
CSRF Modern Forms: Griffin AI vs Mythos
CSRF in 2026 is not the 2012 attack. SameSite cookies, fetch metadata, and modern frameworks changed the landscape. Detection needs to keep up.
Enterprise AI Procurement Due Diligence Checklist
AI-for-security procurement covers more than feature comparison. The due diligence checklist that surfaces structural differences between vendors.
Deserialization Chains: Griffin AI vs Mythos
CWE-502 deserialisation chains are the canonical stress test for AI bug hunters. Why Griffin AI's grounded synthesis finds real chains and Mythos-class scanners hallucinate them.
Griffin AI vs Fine-Tuned Open Weights for SecOps
Fine-tuning an open-weight model sounds like a shortcut to a custom SecOps copilot. In practice, it is one step of a much longer journey.