Safeguard
Tag

developer-tools

Safeguard articles tagged "developer-tools" — guides, analysis, and best practices for software supply chain and application security.

16 articles

AI Security

AI Developer Tools: Weighing Productivity Against Security and IP Exposure

NYU found 40% of Copilot-generated code contained exploitable flaws; Samsung banned ChatGPT after three leaks in under 20 days. The productivity math still isn't simple.

Jul 8, 20267 min read
AI Security

Griffin AI vs Gemini On-Device: Developer Tools

Gemini on-device models are fast and cheap. For the developer-tool layer, they're useful. For the engine-plus-LLM layer, on-device is not the right fit.

Mar 20, 20262 min read
AI Security

Cursor Enterprise Security Buyer Review 2026

An honest security buyer's review of Cursor Enterprise for 2026: data handling, model isolation, audit posture, and the gaps to negotiate before signing.

Mar 12, 20265 min read
Supply Chain Attacks

VS Code Marketplace Malware Campaigns in 2025

A senior engineer's review of the 2025 VS Code Marketplace malware wave, including typosquats, trojanized themes, and extensions that stole npm tokens at scale.

Mar 11, 20267 min read
Tutorials

Getting Started with Safeguard IDE Extension (VS Code)

A step-by-step walkthrough for installing, configuring, and using the Safeguard VS Code extension to catch supply chain issues before you commit.

Jan 25, 20266 min read
Product Launch

Safeguard CLI v5: Faster, Smarter, More Extensible

Safeguard CLI v5 brings a rewritten scanning engine, plugin architecture, and native CI/CD integration. Here is what is new and how to upgrade.

Nov 25, 20256 min read
Product Launch

Safeguard Desktop App: Supply Chain Security Without the Browser Tab

Announcing the Safeguard Desktop App -- a native application for macOS, Windows, and Linux that brings SBOM management, vulnerability tracking, and policy gates to your desktop.

Aug 25, 20256 min read
Agent Security

MCP Inspector CVE-2025-49596: Anatomy of a 9.4 RCE in Anthropic's Reference Tool

A missing auth check in MCP Inspector versions below 0.14.1 let any website pop a shell on a developer's machine. Here is the full chain and what to fix.

Jul 8, 20256 min read
Product

Safeguard IDE Extension v5: Security Feedback Where Developers Actually Work

The Safeguard IDE Extension v5 brings SBOM generation, vulnerability alerts, and policy checks directly into VS Code and JetBrains IDEs. A deep dive into what changed and why it matters.

May 20, 20257 min read
Culture

How to Pronounce Snyk (and Other Security Tool Names People Get Wrong)

The correct answer to how to pronounce Snyk, plus a rundown of the other AppSec tool names — Nginx, Kubernetes, Grype — that trip people up in meetings.

Apr 9, 20254 min read
Best Practices

DevEx Meets DevSecOps: Why Developer Experience Determines Security Outcomes

Security tools that developers hate get bypassed. The organizations with the best security outcomes are the ones that treat developer experience as a security requirement.

Jun 15, 20246 min read
Product

Safeguard IDE Extension: Supply Chain Intelligence in Your Editor

The Safeguard VS Code extension surfaces vulnerability data, dependency health, and policy violations directly in your editor as you write code.

Jun 15, 20246 min read
developer-tools — Safeguard Blog