Griffin AI vs Sourcegraph Cody for Security Use
Cody's codebase-wide context is valuable for security review. Griffin AI adds reachability, taint, and policy grounding that Cody doesn't target.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Claude's prompt caching gives you a 90% discount on cached tokens. Security workloads have massive cacheable surface area. Griffin AI takes advantage; direct API use often does not.
We attended the Open Source Security Summit 2026 and came back with five actionable insights for security teams.
An analysis of the state of open-source security in 2025. Critical infrastructure runs on projects maintained by small, often unpaid teams. Here is what the data shows and why it matters.
AI agents that can execute code, browse the web, and manage infrastructure are proliferating. The security implications of these autonomous frameworks demand scrutiny.
Moving from one orchestration platform to another surfaces hidden trust relationships. A security-first migration plan for Airflow, Dagster, and Prefect transitions.
Trademarks matter in open source security because they are the signal of authentic origin. When trademark policies fail, typosquatting, impostor forks, and compromised builds follow.
Pydantic v2 rewrote the core in Rust and changed validation semantics. Here is what that means for security-sensitive code, from input coercion to ReDoS exposure.
Exhausted maintainers are not just a welfare problem. They are a security problem. Burnout is a precondition for social engineering, delayed patches, and hostile takeovers.