Safeguard
Tag

inventory

Safeguard articles tagged "inventory" — guides, analysis, and best practices for software supply chain and application security.

12 articles

AI Security

Detecting shadow MCP servers in developer environments

Unauthorized MCP servers running on developer laptops are the agent-era equivalent of shadow IT. Here is how to inventory them, see them at runtime, and bring them under policy.

May 13, 20268 min read
Best Practices

You Cannot Secure What You Cannot See: Asset Discovery

Most breaches start with an asset nobody remembered owning. Continuous asset discovery is the foundation that every other control depends on.

Apr 12, 20267 min read
Best Practices

Discovering Shadow AI Models In Production

Engineers ship models faster than security can track them. Here is how to find shadow AI in production without slowing the teams that build it.

Apr 8, 20267 min read
Best Practices

Inventory Of MCP Servers: Enterprise Program

MCP servers proliferate faster than governance can track them. Build an inventory program that captures every server, tool, and consumer agent.

Apr 4, 20267 min read
Best Practices

Finding Forgotten Public npm Packages In Your Org

Public npm packages your org published years ago are now an attacker's best targets. Find them before someone else does.

Mar 30, 20267 min read
Best Practices

Unifying Software And AI Assets In One Graph

Two parallel inventories for software and AI assets do not survive contact with reality. A unified graph is what makes governance feasible.

Mar 25, 20267 min read
Best Practices

Asset Discovery For M&A Due Diligence

M&A due diligence runs on questionnaires that nobody can verify. Continuous asset discovery turns the diligence period into a data exercise.

Mar 20, 20267 min read
Best Practices

Runtime Asset Attribution: Pods To Services

Mapping a running pod back to a service, repo, owner, and SBOM is the boring infrastructure that makes every other security control useful.

Mar 15, 20267 min read
Best Practices

Asset Discovery As CMDB Replacement In 2026

The traditional CMDB cannot keep up with cloud, AI, and agent workloads. Continuous discovery is the only model that survives 2026.

Mar 10, 20267 min read
Best Practices

Tracking Vendor-Supplied Binaries In Your Runtime

Vendor binaries run as root and ship without SBOMs. Continuous discovery brings them under the same governance as your own code.

Mar 5, 20267 min read
AI Security

MCP Server Inventory: Griffin AI vs Mythos

MCP servers are privileged dependencies. An inventory that tracks them like SBOM tracks packages is the minimum bar — and not every tool meets it.

Mar 1, 20265 min read
Best Practices

Continuous Asset Discovery vs Quarterly Inventory

Quarterly inventories are wrong by the time they are signed. Continuous discovery is the only model that matches modern rates of change.

Feb 28, 20267 min read
inventory — Safeguard Blog