Press Release

Safeguard Expands Into a Unified, AI-Native Defensive Security Platform

Dublin, California·
Safeguard Communications
3 min read

DUBLIN, Calif. — July 6, 2026 — Safeguard today announced a broad expansion of its platform, growing from a security posture and findings platform into a first-party detection and prevention platform. The expansion adds first-party application security testing, defensive adversary emulation, AI and data security posture management, runtime threat detection, and a supply-chain package firewall — with every engine emitting into a single, unified, tenant-isolated findings model.

Building on the first-party SAST and DAST engines it introduced last week, Safeguard now delivers static analysis using tree-sitter taint and dataflow analysis across JavaScript/TypeScript, Python, and Java, and dynamic testing driven by a headless-Chromium crawler with the OWASP suite, out-of-band verification, proof-based confirmation, and authenticated scanning. Dynamic testing remains defensive-only, with active checks running solely against ownership-verified, in-scope targets under mandatory rate limits and a full audit trail.

The expansion introduces a defensive red-team capability for adversary emulation. It runs breach-and-attack simulation and purple-team exercises using benign detection canaries rather than weaponized payloads, builds an attack-path graph that feeds unified risk, performs safe reconnaissance, and validates AI and LLM guardrails. Every active step is gated behind signed rules of engagement, explicit approvals, a live kill-switch, and an immutable audit record.

New posture engines cover AI and data security. AI security posture management scans model artifacts — including pickle, PyTorch, safetensors, and GGUF files — for malware and unsafe deserialization. Data security posture management classifies sensitive data such as PII, PHI, PCI, and secrets under a strict redaction mandate that records where sensitive data exists without copying the sensitive values into findings.

On the runtime side, Safeguard adds ATT&CK-mapped runtime threat detection correlated with cloud posture, with an eBPF-based collector for deeper Linux runtime visibility currently rolling out. A supply-chain package firewall provides inline, install-time blocking of typosquats, dependency-confusion attempts, and known-malicious packages before they resolve into a lockfile. Across all engines, an automated triage layer performs cross-scanner deduplication and noise reduction, with a standing rule that malware and secret findings are never suppressed.

Every engine feeds one findings model with a shared severity scale, status lifecycle, and tenant and organization scoping, and every engine is administrator-toggleable with enablement enforced server-side.

"For years, security teams have been handed more tools and left to reconcile them by hand," said Hritik Kumar Sharma, Founder and CEO of Safeguard. "Our expansion is not about adding more disconnected consoles — it is the opposite. Detection, prevention, and prioritization now share one findings model, all of it defensive by design, so a team sees one prioritized picture instead of a dozen dashboards that disagree with each other."

The new engines are available now and enable through the same administrative controls and unified API used across the rest of the platform. Safeguard's platform continues to run on-premises and in air-gapped environments consistent with the rest of its deployment tiers.

About Safeguard

Safeguard is the software supply chain security platform that fuses multiple scanners, a security-only AI model lineup (Griffin · Eagle · Lion), and reachability-aware reasoning to find what pattern scanners miss — from CVEs to candidate zero-days — and to ship the fix with cited reasoning. Learn more at https://safeguard.sh.

Media Contact

press@safeguard.sh

productplatformappsecred-teamai-securityruntime
Media contact
Safeguard Press Desk
press@safeguard.sh
Subscribe
Newsroom RSS
/feed.xml