Safeguard.sh
Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

Filtering by tag:#mcp10 articles
All (10)AI Security (294)DevSecOps (153)Open Source Security (132)Best Practices (126)Vulnerability Analysis (98)Incident Analysis (83)Industry Analysis (80)Application Security (73)Compliance (68)Container Security (64)Software Supply Chain Security (51)Vulnerability Management (47)Regulatory Compliance (42)Threat Intelligence (41)Supply Chain Attacks (36)Product (35)Cloud Security (35)SBOM (34)Supply Chain Security (25)Ransomware (21)Infrastructure Security (20)SBOM & Compliance (19)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Dependency Security (11)Web Security (11)Kubernetes Security (9)Company (8)Architecture (8)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Data Breach (7)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Open Source (5)Breach Analysis (5)Code Security (5)Product Launch (4)Offensive Security (4)Tool Comparisons (4)Build Security (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Mobile Security (3)Hardware Security (3)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)Social Engineering (2)DeFi Security (2)Cryptocurrency Security (2)Technical (1)Healthcare (1)Events (1)Frameworks (1)Product Update (1)Standards (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Healthcare Security (1)Credential Attacks (1)Identity Security (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed
Best Practices

How to Secure AI Agents on the MCP Protocol

MCP gives AI agents real tools, real credentials, and real blast radius. Here is a hardening guide for running MCP servers in production without torching your environment.

Mar 24, 20267 min read
AI Security

Claude MCP Tool Poisoning Threat Model 2026

A senior engineer's threat model for Claude MCP tool poisoning in 2026, covering malicious servers, description hijacking, and the authorization patterns that actually help.

Mar 21, 20267 min read
AI Security

AI Agent Tool Confused Deputy Problem in 2026

A senior engineer's take on the confused deputy problem in AI agent tool use, why it keeps reappearing in 2026, and the architectural patterns that actually fix it.

Mar 14, 20267 min read
AI Security

MCP Server Inventory: Griffin AI vs Mythos

MCP servers are privileged dependencies. An inventory that tracks them like SBOM tracks packages is the minimum bar — and not every tool meets it.

Mar 1, 20265 min read
Product

Safeguard MCP Server: Public Release Details

The Safeguard MCP Server is publicly available and works with Claude Desktop, claude.ai, Claude Code, ChatGPT, Cursor, Gemini, and Grok. Here is the tool surface.

Feb 27, 20267 min read
AI Security

Griffin AI vs Claude Desktop MCP for Security

Claude Desktop's MCP support makes it a capable security tool. Griffin AI builds on that foundation rather than competing with it.

Feb 18, 20262 min read
AI Security

Securing MCP Servers in the Enterprise: A Practical Guide

MCP servers connect AI agents to your infrastructure. Here's how to secure them without killing the productivity gains.

Feb 15, 20267 min read
AI Security

AI Agent Security Risks: Why Autonomous Systems Are the Next Supply Chain Frontier

AI agents are consuming APIs, installing packages, and executing code autonomously. The security implications are massive and largely unaddressed.

Jan 20, 20266 min read
AI Security

The MCP Threat Model: What Actually Matters in 2026

Most MCP threat models confuse protocol risk with deployment risk. Here is what the real attack surface looks like after a year of production incidents.

Jan 18, 20267 min read
Page 1 of 2

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard.sh — Software Supply Chain Security Insights