Zero-Day Discovery In Your Dependency Graph
Most zero-days that hurt enterprises in 2026 live three or four hops deep in the dependency graph. Here is what it takes to actually find them there.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Agent runaway is no longer a theoretical risk — it is a line item on quarterly variance reports. The 2026 trend in agentic AI is less about model capability and more about who pays when an agent loops.
A repeatable onboarding flow for adding MCP servers to an enterprise registry without becoming the team that says no to everything.
AI-authored fix PRs are only safe when there is a deliberate human review gate in front of them. Here is how to build one that is fast and trustworthy.
Most security pipelines are organised around CVEs that already exist. Here is what changes when you flip the pipeline to surface zero-days first instead.
Demos live on a single repo and a curated dataset. Real deployments hit fifty repos, three CI providers, two cloud accounts, and an air-gapped environment. The gap is where vendors get sorted.
MCP servers went from a niche protocol to standard agent infrastructure in under two years. The vulnerability disclosure landscape is catching up — fast, messily, and with patterns worth tracking.
Long-lived shared tokens are the wrong unit of trust for MCP servers. Here is the per-server scoped-credential pattern and how to roll it out.
Most fix PRs fail because they ignore breaking changes in the patched version. Here is how breaking-change-aware remediation closes vulns without regressions.