Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Regulators across three continents are converging on a single demand: show where your training data came from. The engineering implications are larger than most labs have admitted.
Shallow call graphs miss real exploits; deep graphs surface them. We examine how Griffin AI and Mythos-class tools differ on depth, and why it matters.
Two AI bug hunters can both generate hypotheses. Only one can defend them. A field study of grounded versus ungrounded hypothesis generation in zero-day discovery.
AI models ship with dependencies, use vulnerable libraries, and introduce novel attack surfaces. Traditional scanning is not enough.
Claude Code MCP servers run with the privileges of the developer who invoked them. That makes deployment posture the entire security model.
Most enterprises rolled out AI-for-security tools faster than their governance processes could keep up. The resulting gap is where most of the pain from 2025 deployments lives.
Llama 3 is a powerful open-weight foundation model, but security workflows demand more than raw inference. Here is how Griffin AI compares.
A working engineer's review of CyberSecEval, the Meta-originated benchmark that has quietly become the default sniff test for AI-for-security claims. What it actually measures, what it misses, and how to read its scores without fooling yourself.
Weekly insights on software supply chain security, delivered to your inbox.