Safeguard
Tag

ai-security

Safeguard articles tagged "ai-security" — guides, analysis, and best practices for software supply chain and application security.

532 articles

AI Security

AI Data Poisoning Defense: Protecting Models from Tainted Data

You do not need to corrupt most of a training set to backdoor a model — recent research suggests a small, near-constant number of poisoned documents can be enough. Defense starts with treating data as a dependency.

Jul 4, 20265 min read
FAQ

AIBOM (AI Bill of Materials): Frequently Asked Questions

A practical FAQ on AI bills of materials in 2026 — what an AIBOM captures, how it extends SBOMs to models and datasets, model provenance risks, formats, and governance drivers.

Jul 3, 20266 min read
AI Security

LLM Jailbreak Prevention: A Defense-in-Depth Playbook

A jailbreak is not the same thing as a prompt injection, and conflating them leads to defenses that miss. Here is how modern jailbreaks actually work and the layered controls that hold the line.

Jul 3, 20265 min read
AI Security

Prompt Injection Prevention: A Defense-in-Depth Guide

Prompt injection is the top risk on the OWASP list for LLM applications for a reason: there is no single patch. Preventing it means layering controls around a model that cannot reliably tell instructions from data.

Jul 3, 20266 min read
AI Security

AI Model Supply Chain Attacks: How Weights Become Malware

You would never run an unknown binary from a stranger, but teams pull unknown model weights off public hubs every day. Loading them can be code execution — and that is only the most obvious link in the chain.

Jul 2, 20265 min read
AI Security

What Is Agentic Development Security?

When an AI agent can read your repo, run commands, open pull requests, and call external tools on its own, the security model shifts from reviewing code to governing an actor. Here is what agentic development security means and why it is different.

Jul 2, 20266 min read
AI Security

MCP Server Security: 8 Best Practices for 2026

The Model Context Protocol connects AI agents to your tools and data. That power cuts both ways. Here are eight concrete practices for running MCP servers without handing attackers a remote control.

Jul 2, 20265 min read
AI Security

Securing Vector Databases: The Overlooked Attack Surface in AI Apps

Vector databases became critical infrastructure the moment RAG went mainstream, but most are deployed with the security posture of a cache. Embeddings leak, indexes get poisoned, and tenants bleed into each other.

Jul 2, 20265 min read
AI Security

AI Security Software: A Buyer's Guide for 2026

The label 'AI security software' now covers two different markets — tools that secure AI systems, and security tools powered by AI. How to tell them apart, what to evaluate, and the questions that expose thin products.

Jul 2, 20266 min read
AI Security

How Copilot Autofix generates AI-powered vulnerability fi...

Copilot Autofix pairs CodeQL with an LLM to patch code-scanning alerts up to 3x faster. Here's how it works, its limits, and where supply chain risk still slips through.

Jul 2, 20267 min read
AI Security

AI Agent Tool-Use Security: Locking Down What Agents Can Do

The moment you give an LLM tools, it stops being a chatbot and becomes an actor in your systems. Tool-use security is about making sure a compromised agent hits a wall instead of a credential.

Jul 1, 20266 min read
AI Security

RAG Security Best Practices for 2026

Retrieval-augmented generation wired an untrusted-content pipeline straight into your model's context window. Here are the practices that keep a poisoned document or a leaked chunk from becoming an incident.

Jul 1, 20266 min read
ai-security (Page 7) — Safeguard Blog