prompt-injection
Safeguard articles tagged "prompt-injection" — guides, analysis, and best practices for software supply chain and application security.
127 articles
CISA's Agentic AI Secure Adoption Guide (May 2026): What It Means for Software Supply Chains
On May 4, 2026, CISA and international partners published guidance on the secure adoption of agentic AI. We break down the named risks, the recommended controls, and how to operationalize them for AppSec and platform teams.
What Is AI Jailbreaking? A Defender's Security Guide
To jailbreak AI means to bypass a model's safety guardrails with crafted prompts. Here is how the technique works and, more usefully, how to defend against it.
MCP Security
MCP is standardizing how AI agents call tools, and attackers are already exploiting tool poisoning, rug pulls, and shadowing. Here's what MCP security actually requires.
Protecting GenAI: OWASP Top 10 for LLMs
OWASP's Top 10 for LLM Applications reframes AI risk around prompt injection, data poisoning, and supply chain gaps that container-only tools like Aqua can't reach.
Why LLMs Are Structurally Insecure (and What That Means for Your Pipeline)
Language models are not insecure because of a bug you can patch. They are insecure by construction — non-deterministic, context-poisonable, and unreproducible. Here is how to reason about them without pretending otherwise.
OWASP Top 10 for LLM Applications, Explained
A practitioner's walkthrough of the OWASP Top 10 for LLM Applications: what each risk looks like in a real system, which ones bite first, and the mitigations that hold up.
AI Cybersecurity Threats: The 2026 Landscape
AI has made the median attacker faster and the median phish flawless, while LLM-powered apps opened a new bug class entirely. What actually changed, and what still works.
Prompt Injection in RAG: Indirect Attacks
A senior engineer's breakdown of indirect prompt injection in RAG pipelines, how real attacks land through retrieved content, and what actually reduces exposure.
Prompt Injection in CI/CD Pipelines: Attack Paths and Defenses
When LLMs review PRs, triage issues, and fix builds, every commit message becomes attacker input. The concrete attack paths through GitHub Actions and what blocks them.
The OWASP AI Top 10 Explained: LLM Risks for 2025 and Beyond
The OWASP AI Top 10 is the community list of the most critical security risks in LLM applications, led by prompt injection. Here is what each entry means and how to defend against it.
Prompt Injection Defences: Griffin AI vs Mythos
Prompt injection is the defining AI security problem of this generation. The defences are structural, not cosmetic — and the architectural choices show.
What is AI Security
AI security protects models, training data, and agentic systems from prompt injection, poisoning, and unsafe autonomy — here's what it covers and how to build a program.