MCP Server Telemetry Data Governance
MCP server telemetry captures sensitive prompts, arguments, and outputs. A governance framework for retention, redaction, and tenant-scoped access is essential.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Griffin AI's evaluation harness results published for the first time. Benchmark methodology, comparison against baselines, and what the numbers mean for production use.
A senior engineer's view of OpenAI API key leakage on GitHub at scale, why automated secret scanning misses so many, and what actually stops the bleeding.
When your pipeline starts producing zero-days, you inherit responsible disclosure obligations. Here is how to do it well, with the artefacts the pipeline already gives you.
AI coding assistants are now standard developer tooling. The incident data from 2025 and early 2026 shows a recurring pattern of source code, credential, and customer data leaking through them.
Most AI observability stacks log prompts and completions. The actual security signal is in the tool calls. Here is how to capture it.
Fixing a transitive dependency is rarely a single bump. It is a cascade. Here is how to manage those cascades without flooding reviewers or breaking builds.
Multi-repo security reasoning is a graph problem, not a retrieval problem. How Griffin AI's engine scales where pure-LLM products flatten into guesswork.
Patterns for managing MCP servers through development, staging, rollout, and deprecation — with an eye on the security gaps that appear at each transition.