AI-BOM Adoption: State of the Art in 2026
The AI Bill of Materials went from concept paper to procurement requirement in under two years. Here is what the current state of the art actually looks like.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Dynamic dispatch hides real exploits behind indirection. Griffin AI models the dispatch; Mythos-class tools guess. That gap changes outcomes.
A jailbreak in a model you ship downstream is a supply chain incident, not a trivia item. Here is how to reason about it and where the defensive controls belong.
LLM spend forecasting is where finance teams meet AI engineering for the first time. The patterns that produce predictability are specific.
DeepSeek Coder has become a favourite for code-focused workloads. This is how it compares to Griffin AI when the job is security review, not code generation.
Finding a bug is not the same as proving it is exploitable. How Griffin AI synthesises concrete exploit paths and why pure-LLM scanners rarely get past the sketch stage.
RAG pipelines have six or seven supply chain surfaces, and most teams are only watching one. Here is how the attacks actually look in production.
SEvenLLM set out to measure how well LLMs handle Security Event analysis, the unglamorous day-to-day work of SOCs and IR teams. A design review of what the benchmark covers, how it was built, and where the coverage maps or does not map to real operations.