Safeguard.sh
Resources

Supply Chain Security, in plain English.

Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.

Filtering by tag:#vulnerability11 articles
All (11)AI Security (294)DevSecOps (153)Open Source Security (132)Best Practices (126)Vulnerability Analysis (98)Incident Analysis (83)Industry Analysis (80)Application Security (73)Compliance (68)Container Security (64)Software Supply Chain Security (51)Vulnerability Management (47)Regulatory Compliance (42)Threat Intelligence (41)Supply Chain Attacks (36)Product (35)Cloud Security (35)SBOM (34)Supply Chain Security (25)Ransomware (21)Infrastructure Security (20)SBOM & Compliance (19)Industry Guides (19)Compliance & Regulations (18)Emerging Technology (17)Case Studies (17)Risk Management (16)Tool Reviews (16)Incident Response (15)Security Strategy (13)Dependency Security (11)Web Security (11)Kubernetes Security (9)Company (8)Architecture (8)Industry Trends (7)Secure Development (7)AppSec (7)How-To Guide (7)Zero-Day Exploits (7)Network Security (7)Dependency Management (7)Data Breach (7)Research (6)Tutorials (6)Security Operations (6)Organizational Security (6)Developer Security (6)Open Source (5)Breach Analysis (5)Code Security (5)Product Launch (4)Offensive Security (4)Tool Comparisons (4)Build Security (3)Vulnerability Research (3)Compliance & Frameworks (3)Regional Security (3)Policy & Compliance (3)SBOM Standards (3)Software Supply Chain (3)Analysis (3)Startup Security (3)Mobile Security (3)Hardware Security (3)Security (2)Zero-Day Analysis (2)Industry News (2)Release (2)SBOM and Compliance (2)Security Management (2)Threat Actors (2)API Security (2)Security Architecture (2)Security Culture (2)Social Engineering (2)DeFi Security (2)Cryptocurrency Security (2)Technical (1)Healthcare (1)Events (1)Frameworks (1)Product Update (1)Standards (1)Engineering (1)Language Security (1)Emerging Threats (1)Privacy (1)Lifecycle Management (1)Career Development (1)Tools & Platforms (1)Threat Modeling (1)Browser Security (1)Threat Analysis (1)Business Continuity (1)Runtime Security (1)Governance (1)Healthcare Security (1)Credential Attacks (1)Identity Security (1)PKI Security (1)Architecture Security (1)Nation-State Threats (1)Tools & Techniques (1)Privacy & Security (1)

Articles

RSS feed
AI Security

XSS Variants: Griffin AI vs Mythos

Stored, reflected, DOM, mutation, and template-injection XSS each live in a different part of the application and demand a different analysis. Griffin's engine understands template contexts, framework escaping rules, and client-side sinks; Mythos reads HTML and hopes. The difference shows up the moment you leave textbook territory.

Feb 12, 20267 min read
AI Security

Path Traversal: Griffin AI vs Mythos

Path traversal is the vulnerability class that punishes lazy analysis. Framework-specific path normalisation, OS-dependent separators, symbolic link resolution, and archive extraction all hide exploitable gaps behind code that looks defensive. Griffin's engine resolves path operations with actual semantics; Mythos reads the variable name and calls it a day.

Feb 4, 20267 min read
AI Security

SSRF Detection: Griffin AI vs Mythos

Server-side request forgery is a test of how well your scanner understands the boundary between trusted and untrusted URLs. Griffin's engine resolves URL construction through string builders, template engines, and HTTP client configuration; Mythos reads the code and guesses. On modern applications that is the difference between a finding you can ship and a finding you cannot defend.

Jan 28, 20267 min read
AI Security

Deserialization Vulnerabilities: Griffin AI vs Mythos

Unsafe deserialization looks obvious on a slide and impossible on a real codebase. Sinks are language-specific, gadgets live in third-party libraries, and the tainted byte can arrive wrapped in six layers of framework ceremony. Griffin's engine-plus-LLM design handles each of those concerns separately; Mythos-style pure-LLM scanners blur them into pattern-matching.

Jan 20, 20267 min read
AI Security

SQL Injection Chains: Griffin AI vs Mythos

SQL injection stopped being a single-line bug years ago. Modern chains stitch a tainted parameter through ORMs, caches, background jobs, and downstream services. Griffin AI's engine-plus-LLM architecture follows the taint across those hops; Mythos-class pure-LLM scanners summarise one file at a time and lose the thread.

Jan 13, 20267 min read
Vulnerability Management

CVSS 4.0 Scoring Adoption: What Changed

Two years after CVSS 4.0's release, adoption remains uneven. Here is where scoring really changed, where it did not, and how to handle mixed datasets.

Oct 10, 20254 min read
AppSec

Business Logic Vulnerabilities: The Flaws Scanners Cannot Find

Business logic vulnerabilities bypass every automated scanner because they are not coding errors. They are design errors. Here is how to identify and prevent them.

May 5, 20237 min read
Vulnerability Analysis

OpenSSL CVE-2022-3602: The Critical That Wasn't (But Still Matters)

OpenSSL pre-announced a critical vulnerability that was later downgraded to high severity. The incident revealed as much about our processes as the bug itself.

Oct 28, 20226 min read
Vulnerability Management

Spring4Shell (CVE-2022-22965) Response Analysis

A 2010-era bypass resurfaced as CVE-2022-22965 on Spring Framework for JDK 9+. Here is how the disclosure, patch, and industry response actually went.

Apr 2, 20226 min read
Page 1 of 2

Stay informed

Weekly insights on software supply chain security, delivered to your inbox.

Blog | Safeguard.sh — Software Supply Chain Security Insights