model-supply-chain
Safeguard articles tagged "model-supply-chain" — guides, analysis, and best practices for software supply chain and application security.
4 articles
Threat-modeling for AI-native applications
STRIDE has six categories from 1999. OWASP's LLM Top 10 and MITRE ATLAS's ~84 techniques show why agentic AI needs new threat-modeling columns, not a new framework.
Securing LLM and Model Supply Chains
JFrog found roughly 100 malicious model files on Hugging Face in 2024 alone — model weights are now a build-pipeline attack surface, and most teams have no SBOM for them.
State of AI Security in Enterprise 2026
Where enterprise AI security actually stands in 2026: model supply chain risks, agent threats, governance gaps, and the controls that measurably reduce exposure.
Hugging Face Pickle Backdoor Research 2025
Pickle-serialized model files remain a live attack surface on Hugging Face. Here is what 2025 research disclosed about persistent backdoors and what defenders should do about it.