Safeguard
Tag

regulatory

Safeguard articles tagged "regulatory" — guides, analysis, and best practices for software supply chain and application security.

19 articles

AI Security

ISO 27001 Mapping: Griffin AI vs Mythos

ISO 27001 Annex A has 93 controls in the 2022 revision, each needing documented evidence. Griffin AI emits records that map cleanly. Mythos-class pure-LLM tools force control owners to narrate.

Feb 5, 20267 min read
AI Security

SOC 2 Type II Evidence: Griffin AI vs Mythos

A SOC 2 Type II auditor samples a control population across a reporting period. Griffin AI creates that population as a natural output. Mythos-class pure-LLM tools leave you reconstructing it.

Jan 29, 20267 min read
AI Security

FedRAMP HIGH Posture: Griffin AI vs Mythos

FedRAMP HIGH demands 421 controls with documented, continuous evidence. Griffin AI produces control-mapped records every day. Mythos-class pure-LLM tools cannot fill a 3PAO evidence package.

Jan 22, 20266 min read
AI Security

EU CRA Readiness: Griffin AI vs Mythos

The EU Cyber Resilience Act wants mandatory vulnerability handling, SBOM delivery, and documented due diligence. Griffin AI produces those artifacts continuously. Mythos-class tools produce conversations about them.

Jan 16, 20267 min read
AI Security

SSDF Attestation: Griffin AI vs Mythos

The NIST SSDF attestation form asks structured questions with structured answers. A chat transcript is not an answer. We explain how Griffin AI produces the evidence auditors expect, and why Mythos-class tools struggle.

Jan 9, 20267 min read
Release

Safeguard v3: Compliance-First Supply Chain Security

Safeguard v3 adds compliance framework mapping, automated evidence collection, audit-ready reporting, and VEX document support for regulatory readiness.

Oct 1, 20246 min read
Regulatory Compliance

Open Banking API Supply Chain Security

Open banking depends on a tangle of SDKs, certificate authorities, and directory services. What PSD2, the UK's Open Banking Standard, and the emerging US framework mean for supply chain security.

Jul 18, 20247 min read
regulatory (Page 2) — Safeguard Blog