Safeguard
Tag

model-signing

Safeguard articles tagged "model-signing" — guides, analysis, and best practices for software supply chain and application security.

6 articles

AI Security

Model Weights as Supply Chain Artifacts: Signing and Provenance

A 4 GB safetensors file deserves the same signing, hashing, and provenance discipline as a container image. How to actually do it with Sigstore, OCI registries, and AIBOMs.

Apr 26, 20266 min read
AI Security

AI Model Weights: Signing, Attestation, Provenance

Model weights are binaries with the privilege of code and the review of documents. Here is what signing, attestation, and provenance should actually look like.

Feb 8, 20267 min read
AI Security

AI Model Weight Tampering Detection Techniques

Weight-level tampering leaves cryptographic and statistical fingerprints. Here is what current research says about detecting a modified checkpoint before it reaches inference.

Jan 29, 20268 min read
AI Security

CoSAI Releases Model Signing and Incident Response Frameworks

The Coalition for Secure AI published two operational frameworks in November 2025: Signing ML Artifacts and AI Incident Response. We unpack what each contains and how to adopt them.

Dec 4, 20257 min read
AI Security

AI Model Watermarking and Provenance

Watermarking and provenance are the two most confused terms in AI security. A practical breakdown of what each actually does, where the 2025 techniques break, and what to ship in the meantime.

Nov 25, 20257 min read
AI Security

OpenSSF Model Signing v1.0: Sigstore for ML

OpenSSF launched Model Signing v1.0 in April 2025 with Sigstore integration. NVIDIA NGC adopted it the same month. We explain what it signs, how to verify, and where the gaps are.

May 8, 20257 min read
model-signing — Safeguard Blog