Pattern-matching scanners can only find vulnerabilities someone has already reported. Safeguard's engine plus Griffin AI traces taint across package boundaries and hypothesises exploit conditions — surfacing candidate zero-days in your dependency graph before they are published anywhere else.
Traditional SCA tools look for vulnerabilities that already have CVEs. A zero-day, by definition, doesn't have one.
Pattern scanners match your dependencies against a database of known vulnerabilities. If a vulnerability hasn't been disclosed, there's no pattern to match. You find out about the zero-day when the attacker uses it on someone else.
Your HTTP handler in app.js reaches a sink in a transitive dependency 7 hops deep. No single file contains the full vulnerability. Pure static analysis in one package misses the flow that crosses package boundaries.
LLMs asked to 'find vulnerabilities' flag every risky-looking sink. Without structured context about reachability and exploit conditions, the output is unusable at production scale.
Security teams drown in thousands of low-signal findings. Adding more noise to the queue — even if some of it is signal — doesn't help. What's needed is high-precision candidates, not high-volume alerts.
The deterministic engine walks the cross-package call graph, propagates taint from every source type to every sink, and surfaces every path that survives the existing sanitisers.
For each surviving path, Griffin AI receives a structured brief (source, sink, intermediate code, version) and hypothesises the exploit class, trigger input, and CVE mapping — if one exists.
A second model pass tries to disprove the hypothesis. Only candidates that survive the adversarial check reach the review queue — keeping precision high and triage hours low.
Every model is weighted purely on cybersecurity corpora — CVE bodies, exploit write-ups, taint graphs, advisory disclosures, malware behavioural traces — not general internet text. Each is tuned for a different point on the precision/latency curve.
They cooperate: Lion flags candidates at commit time, Eagle widens the surface across a repo, Griffin proves or disproves the hypothesis with deep reasoning.
Griffin · deep reasoning · the hypothesis engine.
Heavyweight reasoning model. Walks 100-level dependency graphs, hypothesises exploit conditions, runs an adversarial disproof pass, and generates remediation PRs. Best when you need a single high-precision verdict on a candidate path.
Eagle · wide-angle triage · the surface scanner.
Fast attack-surface mapper. Sweeps the call graph, clusters taint flows, and ranks the top candidate paths in seconds so Griffin spends its budget on the right ones.
Lion · inline · the commit-time gut check.
Tiny, distillation-trained inline model that runs in the IDE / CLI / pre-commit hook. Catches obvious vulnerable sinks and bad sanitiser usage before code reaches CI.
Inline sink + sanitiser check on the dev's machine.
Cross-package taint paths ranked across the codebase.
Deep reasoning posits an exploit chain + CWE class.
Second pass tries to refute; survivors hit the queue.
Flags a risky deserialization sink in PR #4129. Inline, <80 ms, on the developer's laptop.
Reconstructs the cross-package call graph for the merged commit, version-pinned.
Ranks 47 surviving taint paths; 6 reach untrusted HTTP entry points.
Hypothesises an unsafe-deserialization → RCE chain for the top candidate, attaches a synthesized trigger input, maps to CWE-502 with no matching CVE.
Second pass fails to refute under the project's sanitiser config; finding lands in your review queue with full evidence bundle.
Every finding lands with the full evidence bundle attached. No "trust us" verdicts.
Source → 6 hops → sink, every node version-pinned.
Mapped to the closest CWE, even when no CVE exists yet.
A synthesized payload that should reach the sink.
Every refutation the adversarial pass tried and failed.
PR-ready diff with compatibility notes for the pinned versions.
Coordinated-disclosure email pre-written, opt-in to send.
Downstream dependents affected if exploited in the wild.
Findings stay private to your tenant. Coordinated disclosure to upstream maintainers is opt-in per finding.
Taint analysis surfaces a path from HTTP request body into a deserialization sink 6 packages deep. Griffin AI hypothesises an unsafe-deserialization pattern and maps it to a known CWE. The disproof pass attempts to refute the hypothesis with specific mitigation conditions; it cannot. The finding reaches your queue with the full taint path, exploit hypothesis, disproof attempt, and a ranked evidence bundle. If you opt in, Safeguard runs coordinated disclosure with upstream maintainers on confirmed candidates.
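The deterministic half of the pipeline described above (source-to-sink taint propagation across package boundaries, dropping paths that pass through a sanitiser for that sink class, and packaging each survivor as a structured brief) can be shown on a toy call graph. The code below is an added illustration and is not Safeguard's engine or any of its models; the package names, versions, function names and edges are constructed for the example, and the "sanitiser neutralises a CWE class" model and the hops-first ranking are simplifying assumptions.

```python
"""Toy cross-package taint propagation (added illustration, not Safeguard's engine)."""
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Node:
    """A function pinned to the package version it ships in."""
    package: str
    version: str
    function: str

    def __str__(self) -> str:
        return f"{self.package}@{self.version}:{self.function}"


@dataclass
class CallGraph:
    edges: dict = field(default_factory=lambda: defaultdict(list))
    sources: dict = field(default_factory=dict)     # node -> taint label
    sinks: dict = field(default_factory=dict)       # node -> sink class (CWE id)
    sanitizers: dict = field(default_factory=dict)  # node -> set of sink classes it neutralises

    def add_edge(self, caller: Node, callee: Node) -> None:
        self.edges[caller].append(callee)


def surviving_paths(g: CallGraph) -> list:
    """Depth-first taint propagation from every source to every sink.

    A path survives only if no node on it sanitises the sink's class; a
    sanitiser for a different class does not count (assumption: sanitisers
    are keyed by CWE class rather than modelled as value transformations).
    """
    findings = []
    for src, label in g.sources.items():
        stack = [(src, [src])]
        while stack:
            node, path = stack.pop()
            if node in g.sinks:
                cls = g.sinks[node]
                if not any(cls in g.sanitizers.get(n, set()) for n in path):
                    findings.append({"source": label, "sink_class": cls, "path": path})
            for callee in g.edges.get(node, []):
                if callee not in path:  # cycle guard: never revisit a node on this path
                    stack.append((callee, path + [callee]))
    return findings


def brief(finding: dict) -> dict:
    """Structured brief for a reviewer: source, sink, version-pinned intermediates."""
    path = finding["path"]
    return {
        "source": finding["source"],
        "sink": str(path[-1]),
        "sink_class": finding["sink_class"],
        "hops": len(path) - 1,
        "packages_crossed": len({n.package for n in path}) - 1,
        "intermediate": [str(n) for n in path[1:-1]],
    }


def rank(findings: list) -> list:
    """Shortest paths first (fewer hops, fewer assumptions), then by sink class."""
    return sorted(findings, key=lambda f: (len(f["path"]), f["sink_class"]))


def build_sample_graph() -> CallGraph:
    """Constructed toy graph; every package, version and function name is made up."""
    g = CallGraph()
    handler  = Node("app",                "1.0.0", "postSettings")   # HTTP entry point
    parse    = Node("req-parser",         "2.3.1", "parseBody")
    merge    = Node("deep-merge-lite",    "0.9.4", "merge")
    load     = Node("cfg-loader",         "4.1.0", "loadOverrides")
    resolve  = Node("overrides-resolver", "1.4.2", "resolve")
    decode   = Node("blob-codec",         "0.5.0", "decode")
    unser    = Node("objloader",          "1.2.0", "unserialize")    # CWE-502 sink
    validate = Node("schema-check",       "3.0.2", "validate")       # neutralises CWE-502 only
    hydrate  = Node("cfg-loader",         "4.1.0", "hydrate")
    runhook  = Node("hook-runner",        "0.2.0", "execHook")       # CWE-78 sink
    g.sources[handler] = "http.request.body"
    g.sinks[unser] = "CWE-502"
    g.sinks[runhook] = "CWE-78"
    g.sanitizers[validate] = {"CWE-502"}
    # Path A: six hops across six package boundaries, no CWE-502 sanitiser -> survives
    for a, b in [(handler, parse), (parse, merge), (merge, load),
                 (load, resolve), (resolve, decode), (decode, unser)]:
        g.add_edge(a, b)
    # Path B: same sink, but schema-validated first -> dropped
    g.add_edge(parse, validate); g.add_edge(validate, hydrate); g.add_edge(hydrate, unser)
    # Path C: validated for CWE-502, then reaches a CWE-78 sink the validator does not cover -> survives
    g.add_edge(hydrate, runhook)
    return g


if __name__ == "__main__":
    for finding in rank(surviving_paths(build_sample_graph())):
        print(brief(finding))
```

The point the toy makes is the one the page relies on: no single package in path A contains both the entry point and the sink, so a per-package scan sees nothing, while path B shows why a sanitiser must be matched to the sink class before a path is dropped. The output of `brief` is the kind of structured input the page says the reasoning pass receives; the hypothesis and refutation steps are not modelled here.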
Run the engine against your codebase and see the candidate zero-days your pattern scanner never surfaced.