llm-security
Safeguard articles tagged "llm-security" — guides, analysis, and best practices for software supply chain and application security.
108 articles
How AI-powered SAST auto-fix engines actually work
GitHub says Copilot Autofix resolves two-thirds of flagged vulnerabilities with little editing; Snyk claims 80% fix accuracy. Here's the pipeline behind both numbers.
AI Red Teaming vs. AI-SPM: Why You Need Both
OWASP's 2025 LLM Top 10 and MITRE ATLAS both treat adversarial testing and posture scanning as separate disciplines — most AI programs still run only one.
Code injection risks in GenAI-generated code
Nearly 40% of GitHub Copilot's suggested programs contain exploitable vulnerabilities, and 19.7% of AI-generated code samples reference packages that don't exist.
Guardrails for Autonomous AI Agents: Allowlisting, Validation, and Human-in-the-Loop
OWASP's 2025 LLM Top 10 splits Excessive Agency into three root causes. Here's how tool allowlisting, output validation, and approval gates address each one.
Mapping the blast radius of a vulnerable AI infrastructure dependency
One Ray dashboard flaw let attackers hit hundreds of exposed AI servers. SBOM plus call-graph data is how you find every service that shares the exposure.
OWASP Top 10 for LLM Applications: A Practical Walkthrough
OWASP's 2025 LLM Top 10 added three new categories in one revision — here's what changed, why, and concrete mitigation patterns for each risk.
The blind spots of single-model AI security tooling
OpenAI's API went down three separate times in 2024 alone — if your SAST pipeline hard-depends on one model provider, its outages and blind spots become yours.
A Checklist for Reviewing AI-Generated Code Before It Merges
19.7% of packages LLMs recommend don't exist in real registries, per a 576,000-sample USENIX 2025 study — here's what to check before merging AI-written code.
Can an LLM find the same bug twice? What repeatability benchmarking reveals
In a 300-run benchmark, the best LLM scanner hit 75.4% F1 while a deterministic SAST baseline hit 100% — but the real story is in what varies between runs.
Best AI Code Security Tools in 2026: An Honest Buyer's Guide
A balanced 2026 comparison of tools for securing AI-generated code and AI-native applications — Semgrep, CodeQL with Copilot Autofix, Snyk, Socket, Endor Labs, and model-layer tools — with an honest look at where Safeguard fits.
The LLM Application Security Checklist (2026)
You are shipping an LLM feature. Before it goes live, walk this checklist — organized around the OWASP Top 10 for LLM Applications — to catch the risks that matter most in production.
LLM Jailbreak Prevention: A Defense-in-Depth Playbook
A jailbreak is not the same thing as a prompt injection, and conflating them leads to defenses that miss. Here is how modern jailbreaks actually work and the layered controls that hold the line.