Safeguard
Tag

llm

Safeguard articles tagged "llm" — guides, analysis, and best practices for software supply chain and application security.

33 articles

AI Security

AI Agent Tool Calling Security: Risks and Mitigations

AI agents that call tools -- APIs, databases, file systems, code interpreters -- convert non-deterministic LLM output into real-world actions. Securing this boundary is the defining challenge of agentic AI.

Mar 10, 20257 min read
AI Security

LLM-Augmented Bug Discovery Methodology

A practitioner's methodology for using LLMs to augment — not replace — traditional bug discovery workflows, with patterns that hold up under real review load.

Feb 25, 20259 min read
AI Security

Prompt Injection as a Supply Chain Risk: When AI Dependencies Are Exploitable

Prompt injection is not just an application vulnerability. When LLMs process content from the software supply chain -- package descriptions, README files, commit messages -- injection becomes a supply chain attack vector.

Jan 20, 20257 min read
Software Supply Chain Security

Typosquatting Meets AI: The New Threat of AI-Generated Package Names

AI code assistants recommend packages that do not exist, and attackers are registering those hallucinated names. This new typosquatting vector exploits the trust developers place in AI suggestions.

Oct 20, 20247 min read
AI Security

Security Testing for LLM-Powered Applications

Applications built on large language models introduce novel attack surfaces that traditional security testing does not cover. This guide addresses the specific testing methodologies needed for LLM applications.

Oct 15, 20247 min read
AI Security

The LLM Supply Chain: Risks Hiding in Foundation Models

Large language models have their own supply chains: training data, fine-tuning datasets, model weights, and serving infrastructure. Each layer introduces risk.

Nov 8, 20235 min read
AI Security

OWASP Top 10 for LLM Applications: A First Look

OWASP published its first Top 10 for LLM Applications on August 1, 2023. Here is what it covers, where it overreaches, and how to use it on real systems.

Sep 28, 20235 min read
AI Security

Securing LLM Applications: The OWASP Top 10 for Large Language Models

OWASP released its Top 10 for LLM Applications in August 2023, providing the first standardized framework for understanding and mitigating risks in AI-powered software.

Sep 25, 20235 min read
AI Security

LLM Prompt Injection: The New Supply Chain Attack Vector

Prompt injection attacks against large language models represent a dangerous new frontier in software supply chain security. Here's what defenders need to know.

Aug 10, 20236 min read
llm (Page 3) — Safeguard Blog