Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Applications built on large language models introduce novel attack surfaces that traditional security testing does not cover. This guide addresses the specific testing methodologies needed for LLM applications.
AI-generated deepfakes are making social engineering attacks against software supply chains more convincing and harder to detect.
Poisoned AI models are a supply chain threat that traditional security tools can't detect. Here are the emerging techniques for identifying compromised models.
AI-powered code review tools promise to catch vulnerabilities faster than humans. We tested the claims against reality.
Automated vulnerability patching sounds ideal until you consider what happens when the automation gets it wrong. Here's a realistic look at autonomous remediation.
As organizations download pre-trained models from Hugging Face and other model hubs, the AI supply chain introduces risks that traditional software security tools don't address.
Large language models have their own supply chains: training data, fine-tuning datasets, model weights, and serving infrastructure. Each layer introduces risk.
OWASP published its first Top 10 for LLM Applications on August 1, 2023. Here is what it covers, where it overreaches, and how to use it on real systems.
OWASP released its Top 10 for LLM Applications in August 2023, providing the first standardized framework for understanding and mitigating risks in AI-powered software.
Weekly insights on software supply chain security, delivered to your inbox.