rag-security
Safeguard articles tagged "rag-security" — guides, analysis, and best practices for software supply chain and application security.
9 articles
Securing Vector Databases: The Overlooked Attack Surface in AI Apps
Vector databases became critical infrastructure the moment RAG went mainstream, but most are deployed with the security posture of a cache. Embeddings leak, indexes get poisoned, and tenants bleed into each other.
RAG Security Best Practices for 2026
Retrieval-augmented generation wired an untrusted-content pipeline straight into your model's context window. Here are the practices that keep a poisoned document or a leaked chunk from becoming an incident.
Securing LangChain and LlamaIndex Applications in Production
Agent frameworks ship fast and patch fast. The CVE history, the dangerous defaults, and a production hardening baseline for LangChain and LlamaIndex apps.
Data poisoning attacks against LLMs
A $60 domain purchase or 250 documents can backdoor an LLM. Here's how data poisoning attacks work, real cases, and how to defend against them.
What is Sensitive Information Disclosure in LLMs
LLM sensitive information disclosure leaks training data, prompts, and secrets through model outputs. Real incidents, causes, and defenses explained.
What is RAG (Retrieval-Augmented Generation) Security
RAG pipelines blend retrieved data with model instructions, creating prompt injection, poisoning, and embedding-leak risks traditional AppSec tools miss.
How indirect prompt injection hides malicious instruction...
How attackers hide malicious instructions inside webpages, documents, and retrieved content to hijack AI systems — and why RAG pipelines are especially exposed.
Memory and Context Poisoning Attacks Against AI Agents
How attackers poisoned ChatGPT's memory and RAG pipelines to hijack AI agents long-term, and the controls Safeguard uses to catch it before it spreads.
LLM Vector and Embedding Weaknesses
Embeddings aren't anonymized math — Vec2Text recovers 92% of text from vectors, and OWASP's LLM08:2025 now names inversion, poisoning, and exposed vector DBs as core AI risks.