Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Frontier model pricing is rising even as cheaper alternatives proliferate. The 2026 architectural response is multi-tier model routing — and the security implications are non-trivial.
A senior engineer's view of how DORA's ICT third-party risk management requirements are reshaping software supply chain controls across European financial services.
Retrieval-augmented generation was the 2024 success story. 2026 is when RAG poisoning moved from research to production incidents.
Nation-state supply chain tradecraft has evolved sharply since SolarWinds. We trace the 2025 to 2026 patterns, the operational signatures, and defensive implications.
Open-source LLM ecosystems hit a turning point in 2026 as supply chain incidents — backdoored fine-tunes, compromised weights, malicious adapter packages — moved from rare to recurring.
A senior engineer's view of how Australia's Essential Eight evolved through 2025 and 2026 to incorporate software supply chain expectations alongside the original mitigations.
Two years ago, AI vendors shipped without evals. In 2026, the posture has shifted. Customers expect benchmarks. Vendors without them lose deals.
The first enforcement window under the EU AI Act has closed. The actual pattern of enforcement looks different from the one vendors and advocacy groups predicted.
The AI Bill of Materials went from concept paper to procurement requirement in under two years. Here is what the current state of the art actually looks like.
Weekly insights on software supply chain security, delivered to your inbox.