Safeguard Documentation Center
Enterprise Software Supply Chain Manager (ESSCM)

Search

Search across all SBOMs with Griffin AI natural language queries

Search across all your SBOMs, components, and vulnerabilities with Griffin AI-powered natural language queries. The Search interface displays "Defense Mode Active", which indicates that Griffin AI's security-focused search capabilities are enabled.

Griffin 2.0

The Search page is powered by Griffin 2.0, Safeguard.sh's purpose-built large language model for software supply chain security. Griffin 2.0 understands:

  • Security context and vulnerability semantics
  • Component relationships and dependency chains
  • License compliance requirements
  • Supply chain risk factors

Defense Mode Active

When you access the Search page, you'll see "Defense Mode Active", indicating that Griffin AI is ready to assist with security-focused queries. Griffin understands security terminology and can interpret complex queries about your software supply chain.

Griffin AI understands natural language queries:

"Show me all critical vulnerabilities in production"
"Find components with GPL licenses"
"What packages are affected by Log4j?"
"Show outdated dependencies in the payments service"
"Which projects have exploitable vulnerabilities?"
"List all components from untrusted suppliers"

Search Syntax

Basic Queries

lodash                    # Find component named lodash
CVE-2021-23337            # Find specific CVE
react 18.2.0              # Find specific version

Filter Operators

name:lodash               # Component name
version:>=4.17.0          # Version comparison
severity:critical         # Vulnerability severity
license:MIT               # License type
project:my-app            # Within specific project
reachable:true            # Only reachable vulnerabilities
exploitable:true          # Only exploitable vulnerabilities

Boolean Operators

lodash AND vulnerable     # Both conditions
lodash OR underscore      # Either condition
NOT deprecated            # Exclude condition

Search Results

Results are organized by type:

Components

  • Package name and version
  • Projects where it's used
  • Vulnerability count
  • License information

Vulnerabilities

  • CVE identifier
  • Severity and CVSS score
  • Affected components
  • Fix availability

Projects

  • Project name
  • Last scan date
  • Security score
  • Compliance status

Starred Searches

Save frequently used queries as starred searches:

  1. Perform your search
  2. Click the Star icon
  3. Name the starred search
  4. Access from Starred Searches in the sidebar

Managing Starred Searches

The sidebar shows:

  • New chat - Start a new search conversation
  • Starred Search - Access your starred queries
  • Recent Chats - Previous search conversations

Examples of useful starred searches:

  • "Query Conversation" - For complex multi-turn security queries
  • "Vulnerabilities" - Quick access to vulnerability searches
  • "Findings" - Access to security findings queries

Search Conversations

Griffin 2.0 supports conversational search:

  1. Start with a query
  2. Ask follow-up questions
  3. Refine your search through dialogue
  4. Griffin maintains context throughout the conversation

Example conversation:

You: "Show me critical vulnerabilities"
Griffin: [Lists critical vulnerabilities]
You: "Which of these are exploitable?"
Griffin: [Filters to exploitable vulnerabilities]
You: "Can you fix the top 3?"
Griffin: [Provides AI Remediate options]

Search API

Use the API for programmatic search:

curl -X POST "https://api.safeguard.sh/v1/search" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"query": "severity:critical AND reachable:true"}'
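An added example, not Safeguard's own code: building the request for the search endpoint above from the documented filter operators when values come from pipeline variables, so that a project name cannot alter the query or break the JSON body. The single-token rule for values, the `Content-Type` header, and the `CI_PROJECT` variable are assumptions; the request is built but not sent, since the response format is not documented on this page.

```python
import json
import re
import urllib.request

# Endpoint and filter names come from this page; the rest is assumed.
SEARCH_URL = "https://api.safeguard.sh/v1/search"
FILTERS = {"name", "version", "severity", "license",
           "project", "reachable", "exploitable"}
# Assumption: a filter value is a single token. Whitespace, quotes, colons
# and parentheses are rejected so a value cannot add its own operators.
SAFE_VALUE = re.compile(r"[A-Za-z0-9._@/+<>=~^-]+")


def build_query(filters):
    """Join documented key:value filters with AND, validating each one."""
    if not filters:
        raise ValueError("at least one filter is required")
    terms = []
    for key, value in filters.items():
        if key not in FILTERS:
            raise ValueError(f"unknown filter: {key!r}")
        # Python booleans become the lowercase literals the page shows.
        text = str(value).lower() if isinstance(value, bool) else str(value)
        if not SAFE_VALUE.fullmatch(text):
            raise ValueError(f"unsafe value for {key}: {text!r}")
        terms.append(f"{key}:{text}")
    return " AND ".join(terms)


def build_request(query, api_key):
    """Return an unsent POST request; json.dumps handles all escaping."""
    body = json.dumps({"query": query}).encode("utf-8")
    headers = {"Authorization": f"Bearer {api_key}",
               "Content-Type": "application/json"}  # assumed JSON endpoint
    return urllib.request.Request(SEARCH_URL, data=body,
                                  headers=headers, method="POST")


if __name__ == "__main__":
    import os
    # Constructed sample input: CI_PROJECT stands in for a pipeline variable.
    query = build_query({"severity": "critical", "reachable": True,
                         "project": os.environ.get("CI_PROJECT", "my-app")})
    request = build_request(query, os.environ.get("API_KEY", "PLACEHOLDER"))
    print(request.get_method(), request.full_url, request.data.decode())
```

Pass the returned object to `urllib.request.urlopen` to send it; reading the key from the environment keeps it out of the process argument list.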

Export Results

Export search results in multiple formats:

  • JSON - Raw data
  • CSV - Spreadsheet compatible
  • PDF - Formatted report
