llm-security
Safeguard articles tagged "llm-security" — guides, analysis, and best practices for software supply chain and application security.
108 articles
What is RAG (Retrieval-Augmented Generation) Security
RAG pipelines blend retrieved data with model instructions, creating prompt injection, poisoning, and embedding-leak risks traditional AppSec tools miss.
RAG Pipeline Security Controls in 2026
Retrieval-augmented generation pipelines have become a primary breach vector for LLM products. The controls that contain the risk without breaking the use case.
The OWASP Top 10 for Large Language Model Applications: A Field Guide
A working breakdown of the OWASP Top 10 for Large Language Model Applications — what each risk actually looks like in production and how teams are testing for it.
Prompt Injection Defense Architectures in 2026
Prompt injection remains the LLM01 entry on the OWASP LLM Top 10 for a reason. A pragmatic look at the defense architectures that hold up in production this year.
LLM Output Filtering as a Security Control
Output filters are the last line before the user and the tool call. We cover when they work, when they fail, and how to measure them honestly in production.
Artificial Intelligence and Cyber Security: Risks and Benefits
A balanced look at what artificial intelligence and cyber security actually means in practice today, the concrete benefits teams are seeing and the new risks AI introduces into the same systems.
AI Agent Tool-Scope Enforcement Patterns
Agents get tool lists, not tool boundaries. We walk through scoping patterns that actually hold when Claude 4 or GPT-5 picks the wrong function at runtime.
How data poisoning attacks corrupt LLM behavior during tr...
A single expired domain and $60 can poison a training set. Here's how data poisoning attacks corrupt LLM behavior — and how Safeguard verifies training data before it ships.
How slopsquatting exploits AI-hallucinated package names
Slopsquatting attacks turn AI-hallucinated package names into real supply chain threats. Here's how it works, the numbers behind it, and how Safeguard stops it.
Using confidential computing to protect LLM inference and...
How hardware-based secure enclaves keep LLM prompts and weights encrypted even during active inference, and why confidential AI inference is reshaping AI compliance in 2026.
What AI red teaming is and how to run a structured exercise
A practical guide to AI red teaming: how to plan, run, and report a structured LLM red team exercise using a repeatable adversarial testing methodology.
How AI safety benchmarks and evaluations measure model risk
A concrete look at how AI safety benchmark evaluation, LLM safety scorecards, and capability testing actually measure model risk in 2026 — and where they fall short.