Safeguard
Tag

zero-day

Safeguard articles tagged "zero-day" — guides, analysis, and best practices for software supply chain and application security.

80 articles

Industry Events

Agentic AI Security Owned RSAC 2026: Innovation Sandbox, Launch Pad, and the Startups Worth Watching

Geordie AI won the RSAC 2026 Innovation Sandbox with an agentic AI security pitch, and nearly every finalist leaned on AI. Here is an honest recap of the contest, Launch Pad, and the Cryptographers' Panel — and what the signal actually means.

Mar 30, 20267 min read
Industry Events

RSAC 2026's Five Most Dangerous Attack Techniques: Every One Now Runs on AI

For the first time in the history of the SANS keynote, all five of the most dangerous new attack techniques carry an AI dimension — from AI-generated zero-days to your vendor's vendor's vendor. Here's the honest breakdown, plus what defenders should actually do.

Mar 29, 20267 min read
AI Security

Engine-Plus-LLM vs Pure-LLM Bug Hunters

The difference between an engine-plus-LLM bug hunter and a pure-LLM one is not a tuning detail. It is a structural divide that determines whether the findings are usable.

Mar 26, 20267 min read
AI Security

Zero-Day Triage Without Drowning Engineers

A zero-day discovery pipeline is only as useful as the triage process around it. Here is what triage looks like when the pipeline gives engineers something they can defend.

Mar 21, 20267 min read
AI Security

Proof-Of-Concept Payloads From Discovered Paths

A taint path is not an exploit. Here is how a zero-day pipeline turns a reachable flow into a defensible proof-of-concept payload without inventing a vulnerability.

Mar 16, 20267 min read
Threat Intelligence

UNC5221 Ivanti Exploitation Campaign Analysis

UNC5221 chained Ivanti Connect Secure zero-days through 2024 and 2025. The campaign reads like a masterclass in living off trusted edge appliances.

Mar 13, 20267 min read
AI Security

Zero-Day Discovery Economics: Cost Per Find

The economics of zero-day discovery have been opaque for too long. Here is the actual cost structure of finding a real, defensible bug, and how to think about it.

Mar 11, 20267 min read
AI Security

Coordinated Disclosure With Upstream Maintainers

Coordinated disclosure with open-source maintainers is a relationship business. Here is what makes it work in 2026, with the artefacts a modern pipeline gives you.

Mar 6, 20267 min read
Incident Analysis

Confluence Zero-Day Lessons: What CVE-2023-22515 Showed About SaaS-Adjacent On-Prem Risk

The Confluence broken access control zero-day from October 2023 hit thousands of self-hosted instances. A 2026 look at the exploit, the response, and the durable lessons.

Mar 5, 20265 min read
AI Security

Zero-Day Discovery ROI: CISO Board Deck

How to talk to your board about zero-day discovery without overpromising. The metrics, the framing, and the slides that hold up under follow-up questions.

Mar 1, 20267 min read
AI Security

Deserialization Chains: Griffin AI vs Mythos

CWE-502 deserialisation chains are the canonical stress test for AI bug hunters. Why Griffin AI's grounded synthesis finds real chains and Mythos-class scanners hallucinate them.

Feb 19, 20266 min read
AI Security

Novel Bug Class Detection: Griffin AI vs Mythos

What happens when the bug does not match any known CWE? A study of how grounded and pure-LLM scanners perform on genuinely novel vulnerability patterns.

Feb 11, 20266 min read
zero-day (Page 3) — Safeguard Blog