ai-security
Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.
532 articles
Griffin AI vs Mistral Large for Remediation
Mistral Large is a strong reasoning model, but remediation is more than generating a diff. We look at what Griffin AI adds for production fix workflows.
The MCP Threat Model: What Actually Matters in 2026
Most MCP threat models confuse protocol risk with deployment risk. Here is what the real attack surface looks like after a year of production incidents.
SWE-Bench With Security Extensions: Field Review
SWE-bench became the default benchmark for measuring AI coding agents, but the security extensions that were bolted on afterwards deserve their own scrutiny. A field review of what they measure, where they break, and whether you should trust the numbers.
Griffin AI vs Claude Opus for Triage
Griffin uses Claude Opus as its deepest reasoning engine. Here's what triage looks like with Opus alone versus Opus running inside Griffin's eval harness.
Fine-Tuning Security LLMs vs Grounding: Which Wins
Fine-tuning teaches a model to be a security expert. Grounding lets a general model act like one by reading the right sources. The right answer is usually both, but the proportions matter.
Griffin AI vs OpenAI Codex for Security
Codex-style coding agents are powerful for writing features. Security remediation needs a different shape of system—one that grounds frontier reasoning in SBOM, policy, and reachability context.
Anthropic MCP Security Model: A Deep Dive
Anthropic's Model Context Protocol introduces a new trust boundary between agents and tools. Here is how the security model actually works in practice.
Context Window As A Security Limit
The context window is usually marketed as a capability parameter. In a security setting, it behaves like a budget, a forgetting function, and an attack surface all at once.
Griffin AI vs Gemini Ultra for Security Reasoning
Gemini Ultra sets a high bar on complex reasoning benchmarks. But security reasoning is not benchmark reasoning. Here's how Griffin AI's engine-first approach changes the outcome.
Training Data Provenance: The Regulatory Wave
Regulators across three continents are converging on a single demand: show where your training data came from. The engineering implications are larger than most labs have admitted.
Call Graph Depth Compared: Griffin AI vs Mythos
Shallow call graphs miss real exploits; deep graphs surface them. We examine how Griffin AI and Mythos-class tools differ on depth, and why it matters.
Hypothesis Quality: Griffin AI vs Mythos
Two AI bug hunters can both generate hypotheses. Only one can defend them. A field study of grounded versus ungrounded hypothesis generation in zero-day discovery.