ai-security
Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.
532 articles
AI-Powered Security Companies: A Buyer's Map
Nearly every security vendor now claims to be an ai security company — here's how to tell genuine AI-powered security from a rebadged feature, and what to actually evaluate before you buy.
Leakage Testing Methods For Security Benchmarks
A benchmark that the model has seen in training is a benchmark of memorisation. Specific leakage-testing methods separate generalisation from recall.
Griffin AI vs Claude Desktop MCP for Security
Claude Desktop's MCP support makes it a capable security tool. Griffin AI builds on that foundation rather than competing with it.
Griffin AI vs Mythos: Architecture Deep Dive
An architectural comparison of Griffin AI's engine-grounded reasoning stack against the pure-LLM pattern that Mythos-class products rely on.
MCP Transport Layer Security Options
MCP supports stdio, streamable HTTP, and a handful of experimental transports. Each has distinct security properties, and the choice of transport constrains every other security decision you make about the deployment.
Multi-Modal AI Supply Chain Considerations
Multi-modal models bring image, audio, and video into the AI supply chain. Each modality introduces provenance and integrity challenges that text-only pipelines never had to face.
AI-Generated Dockerfile Vulnerability Patterns
LLM-generated Dockerfiles repeat the same six or seven mistakes. Here is the pattern catalog and how to catch them before they ship.
npm Slopsquat: The Hallucinated Package Risk in 2026
Slopsquatting is the practice of registering package names that LLMs hallucinate, turning AI coding assistants into an accidental distribution channel.
Griffin AI vs OpenAI Function Calling: Scoping
Function calling gives models the ability to act. Acting safely on behalf of a specific user, in a specific context, within specific policy is a different problem.
LLM Selection Cost-Quality Tradeoff For Security
LLM selection is ultimately a cost-quality optimisation under workflow constraints. The curve is not smooth, and the right point on it depends on where errors land in your pipeline.
Unbounded Output Space And Security Contracts
A function whose output space is finite and enumerable can be secured by testing. A function whose output space is every string of tokens up to some length cannot. That difference quietly invalidates most classical security contracts.
EU AI Act Enforcement: Year One Review
The first enforcement window under the EU AI Act has closed. The actual pattern of enforcement looks different from the one vendors and advocacy groups predicted.