PromptGuard provides multiple layers of security protection for your AI applications. Configure policies, detection rules, and custom filters to match your security requirements.

Security Layers

PromptGuard protects your AI applications through multiple security layers:

1. Input Filtering

  • Prompt Injection Detection: Blocks attempts to manipulate AI behavior
  • PII Redaction: Automatically removes sensitive personal information
  • Content Moderation: Filters inappropriate or harmful content
  • Custom Rules: Define your own security patterns and policies

2. Output Filtering

  • Response Monitoring: Scans AI responses for security issues
  • Data Leak Prevention: Prevents exposure of sensitive information
  • Toxicity Detection: Blocks harmful or inappropriate responses
  • Content Sanitization: Removes potentially dangerous content

3. Behavioral Analysis

  • Usage Pattern Detection: Identifies suspicious request patterns
  • Rate Limiting: Prevents abuse and protects against attacks
  • Anomaly Detection: Flags unusual AI usage behavior
  • Risk Scoring: Assigns risk levels to requests and responses

Security Policies

Policy Presets

Choose from use-case-specific security presets:
Preset | Description | Use Case
Default | Balanced security for general AI applications | Most production applications
Support Bot | Optimized for customer support chatbots | Customer service, help desks
Code Assistant | Enhanced protection for coding tools | IDEs, code generation, dev tools
RAG System | Maximum security for document-based AI | Knowledge bases, document Q&A
Data Analysis | Strict PII protection for data processing | Analytics, data pipelines
Creative Writing | Nuanced content filtering for creative apps | Content generation, writing tools

Custom Policies

Create custom security rules for your specific needs:
  • Define custom PII patterns
  • Set content filtering thresholds
  • Configure allowed/blocked keywords
  • Implement industry-specific compliance rules

Threat Detection

PromptGuard automatically detects and blocks:

Common Attack Vectors

  • Prompt Injection: “Ignore previous instructions…”
  • Jailbreaking: Attempts to bypass AI safety measures
  • Data Exfiltration: Requests to reveal system information
  • Social Engineering: Manipulation attempts through prompts

Data Protection

  • Credit Card Numbers: Automatically redacted
  • Social Security Numbers: Masked in responses
  • Email Addresses: Filtered based on policy
  • Phone Numbers: Redacted or anonymized
  • API Keys: Detected and blocked from exposure

Configuration

Dashboard Configuration

  1. Navigate to Projects > [Your Project] > Overview in your dashboard
  2. Select your desired preset from the dropdown
  3. Optionally create custom policies in the Policies tab
  4. Configure detection thresholds and rules

API Configuration

Update project preset programmatically:
# Update project preset (dashboard API - requires session auth)
curl -X PUT https://api.promptguard.co/dashboard/presets/projects/{project_id}/preset \
  -H "Cookie: session=YOUR_SESSION_COOKIE" \
  -H "Content-Type: application/json" \
  -d '{
    "preset_name": "default"
  }'

# List available presets (developer API - requires API key)
curl https://api.promptguard.co/api/v1/presets \
  -H "X-API-Key: YOUR_PROMPTGUARD_API_KEY"

Real-time Monitoring

Monitor security events in real time:
  • Security Dashboard: View threats and blocks
  • Alert Notifications: Get notified of security events
  • Audit Logs: Track all security decisions
  • Performance Metrics: Monitor impact on response times

Compliance

PromptGuard helps maintain compliance with:
  • GDPR: Automatic PII detection and redaction
  • CCPA: Data privacy protection
  • HIPAA: Healthcare information security
  • SOC 2: Security controls and monitoring
  • Industry Standards: Customizable compliance rules

Best Practices

Security Configuration

  1. Start with the Default preset for most applications
  2. Choose use-case-specific presets (Support Bot, Code Assistant, etc.) when they match your needs
  3. Monitor false positives and adjust with custom policies if needed
  4. Review policies regularly to maintain effectiveness

Development Workflow

  1. Use the Default preset during development
  2. Test with production-like presets in staging
  3. Deploy the appropriate preset in production based on your use case
  4. Monitor continuously and adjust via custom policies

Common Questions

PromptGuard uses advanced pattern matching and machine learning models to identify common injection techniques like instruction overrides, role confusion, and context breaking attempts.
Blocked requests return an HTTP 400 error with details about the security violation. You can configure whether to fail open (allow) or closed (block) when the security engine is unavailable.
Yes, you can create custom rules to allow specific patterns that might otherwise be blocked. This is useful for legitimate use cases that trigger false positives.
Start with the Default preset and adjust based on your use case. Monitor your security dashboard for false positives and add custom policies if needed.
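
The blocked-request and fail-open/fail-closed behavior described above, modeled from the calling application's side. This is an added example, not PromptGuard code or an SDK: only "blocked requests return HTTP 400" comes from this page, while the transport callable, the Decision type, the reason labels and the handling of other status codes are assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Tuple


class EngineUnavailable(Exception):
    """Transport could not reach the security engine (timeout, connection error)."""


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str       # "passed", "blocked", "fail_open", "fail_closed", "client_error"
    detail: str = ""


# Hypothetical transport: sends the prompt through the guard, returns (HTTP status, body).
Transport = Callable[[str], Tuple[int, str]]


def check_prompt(prompt: str, transport: Transport, fail_open: bool = False) -> Decision:
    """Map the guard's response to an allow/deny decision for the calling app."""
    try:
        status, body = transport(prompt)
    except EngineUnavailable as exc:
        return _unavailable(fail_open, str(exc))
    if 200 <= status < 300:
        return Decision(True, "passed")
    if status == 400:
        # Per the page: a blocked request comes back as HTTP 400 with violation details.
        return Decision(False, "blocked", body)
    if status >= 500:
        return _unavailable(fail_open, f"HTTP {status}")
    # Assumption: 401/403/429 and other 4xx are caller-side faults, never a reason
    # to bypass the check, so a bad API key cannot silently disable filtering.
    return Decision(False, "client_error", f"HTTP {status}")


def _unavailable(fail_open: bool, why: str) -> Decision:
    # Fail open keeps the app available but lets unscreened prompts through;
    # fail closed rejects them. Either way the reason is recorded for audit.
    return Decision(True, "fail_open", why) if fail_open else Decision(False, "fail_closed", why)


def fake_transport(status: int, body: str = "", down: bool = False) -> Transport:
    """Constructed stand-in for the network call so the example runs offline."""
    def send(_prompt: str) -> Tuple[int, str]:
        if down:
            raise EngineUnavailable("connection timed out")
        return status, body
    return send
```

Logging every Decision whose reason is "fail_open" gives an audit trail of prompts that reached the model without being screened.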
Need help configuring security? Contact our security team for personalized assistance.