llm-security
Safeguard articles tagged "llm-security" — guides, analysis, and best practices for software supply chain and application security.
108 articles
Securing RAG pipelines against injection attacks
RAG pipelines feed untrusted retrieved content straight into model context. Real breaches like EchoLeak show what happens when nothing checks it.
Mapping AI-generated code risks to the CWE Top 25
45% of AI-generated code fails security tests. Here's how CWE Top 25 weaknesses like XSS, SQLi, and broken auth map to specific LLM coding habits.
AI & LLM Governance for Software Development
Sonatype flags bad packages after the fact. Here's what AI governance for software development requires, and how Safeguard tracks models and output together.
Cisco's May 2026 Multi-Turn Jailbreak Study: Why Frontier Model Safety Collapses Over a Conversation
Cisco's AI threat team tested 15 flagship models with ~7,000 multi-turn attacks and found success rates as high as 88 percent. Single-turn safety scores told defenders almost nothing about real-world resilience.
Best AI red teaming tools ranked
Best AI red teaming tools ranked: how Mend.io's SCA scanning and Safeguard's exploitability-first SBOM analysis actually differ for AI supply chain risk.
Prompt Injection Techniques and the Defenses That Actually Work
Prompt injection techniques range from direct override attempts to indirect payloads hidden in retrieved documents; here's what actually stops them.
LLM Jailbreak Defense Architectures in 2026
Jailbreaks against frontier models keep getting more sophisticated. The defense architectures that have proven durable, and the ones that get bypassed in weeks.
Protecting GenAI: OWASP Top 10 for LLMs
OWASP's Top 10 for LLM Applications reframes AI risk around prompt injection, data poisoning, and supply chain gaps that container-only tools like Aqua can't reach.
OWASP Top 10 for LLM Applications, Explained
A practitioner's walkthrough of the OWASP Top 10 for LLM Applications: what each risk looks like in a real system, which ones bite first, and the mitigations that hold up.
How to Secure AI Agents on the MCP Protocol
MCP gives AI agents real tools, real credentials, and real blast radius. Here is a hardening guide for running MCP servers in production without torching your environment.
State of AI Security in Enterprise 2026
Where enterprise AI security actually stands in 2026: model supply chain risks, agent threats, governance gaps, and the controls that measurably reduce exposure.
What is AI Security
AI security protects models, training data, and agentic systems from prompt injection, poisoning, and unsafe autonomy — here's what it covers and how to build a program.