Sigil Blog
Security research for AI tooling
Threat analysis, supply chain intelligence, and practical guides for developers building with AI.
Nexus vs Artifactory vs Sigil for Secure Devs 2026
Nexus and Artifactory manage artifacts, while Sigil quarantines and scans code behavior before it runs. This guide compares their roles in a secure 2026 software supply chain for AI and open source.
Veracode Alternatives for AI Code Security 2026
Veracode excels at SAST and SCA for traditional apps, but for AI agent code and supply chain threats, tools like Sigil add critical pre-execution scanning. This guide compares alternatives and provides a decision framework.
SBOM for Containers and AI Code 2026
This guide explains SBOMs as machine-readable inventories for container and AI code components. Discover how to automate SBOM generation, combine it with behavior-based scanning, and address modern supply chain risks.
Block Hidden Install Hooks in 2026
Hidden install hooks let malware execute before code review, evading CVE scanners. This guide provides a concrete playbook to block them using pre-install quarantine, behavior-based scanning, and best practices for CI/CD and local development.
How Do You Secure AI Agent Code? The Three-Layer Security Stack Explained
AI developers face a new class of supply-chain attacks that Snyk, Dependabot, and CodeQL weren't built to catch. The three-layer AI security stack combines pre-installation quarantine scanning (Sigil), deep AI-powered vulnerability analysis (OpenAI Aardvark, Anthropic Claude Code Security), and defense-in-depth workflows to protect every stage of AI development—from git clone to production deployment.
Behavior vs CVE Scanners: 2026 Comparison
This comparison explains how behavior-based scanners detect executable threats like install hooks and data exfiltration that CVE-only scanners miss. Learn which approach to use for AI agent security in 2026.
Securing Your AI Agent Workflow with MCP + Sigil
Give your AI coding agents security tools via MCP. Scan packages before install, audit repos automatically, and prevent malicious code execution.
Community Threat Intelligence: How Sigil Gets Smarter
Learn how Sigil's community threat intelligence shares detection signatures, tracks publisher reputation, and protects developers from emerging attacks.
Adding Security Scanning to Your CI/CD Pipeline
Set up automated Sigil scans in GitHub Actions, GitLab CI, and other pipelines. Block PRs with malicious code before they merge to production.
How to Audit an MCP Server in 30 Seconds
Found an MCP server on GitHub? Learn how to quarantine, scan, and approve it in 30 seconds before connecting to Claude Code or AI agents.
Sigil vs Snyk vs Socket.dev: What's Actually Different
Honest comparison of Sigil, Snyk, Socket.dev, Semgrep, and CodeQL. Learn what each tool does well and why these security tools are complementary.
The 6 Phases of Malicious Code Detection
Learn how Sigil's 6-phase scanner detects install hooks, code patterns, network exfil, credentials, obfuscation, and provenance issues with weighted scoring.
Subscribe to Sigil threat research
New threat analysis, detection signatures, and security research delivered to your inbox.