PromptGuard provides six use-case-specific security policy presets to help you quickly set up appropriate protection for your AI application.
Available Presets
Default (Recommended)
Best for: General AI applications and most production use cases- Security Level: Balanced protection
- PII Detection: Moderate
- Injection Detection: Moderate
- Exfiltration Detection: Moderate
- Output Safety: Moderate
- Use Cases: Most production applications, general business use
- Moderate prompt injection detection
- Standard PII redaction
- Balanced security vs usability
- Industry-standard protection
Support Bot
Best for: Customer support chatbots and help desk applications- Security Level: Enhanced for customer interactions
- PII Detection: Strict
- Injection Detection: Moderate
- Exfiltration Detection: Strict
- Output Safety: Moderate
- Use Cases: Customer service, help desks, support systems
- Strict PII protection (critical for customer data)
- Enhanced exfiltration prevention
- Custom patterns for password/account queries
- Blocked domains for admin/internal access
Code Assistant
Best for: AI coding assistants and code generation tools- Security Level: Optimized for development tools
- PII Detection: Moderate
- Injection Detection: Strict
- Exfiltration Detection: Strict
- Output Safety: Permissive
- Use Cases: IDEs, code generation, development tools
- Strict injection detection (prevents code injection attacks)
- API key and secret detection patterns
- Allowed domains for GitHub, Stack Overflow, docs
- Permissive output safety (allows code generation)
RAG System
Best for: Retrieval-augmented generation with document knowledge- Security Level: Maximum security for document-based AI
- PII Detection: Strict
- Injection Detection: Strict
- Exfiltration Detection: Strict
- Output Safety: Moderate
- Use Cases: Knowledge bases, document Q&A, enterprise RAG
- Maximum protection across all threat types
- Custom patterns for confidential/proprietary content
- Blocked domains for internal/staging systems
- Enhanced data leak prevention
Data Analysis
Best for: Data processing and analysis with sensitive information- Security Level: Strict PII protection
- PII Detection: Strict
- Injection Detection: Strict
- Exfiltration Detection: Strict
- Output Safety: Moderate
- Use Cases: Analytics, data pipelines, business intelligence
- Strict PII detection (SSN, DOB patterns)
- Enhanced data protection
- Blocked external/public domains
- Comprehensive exfiltration prevention
Creative Writing
Best for: Creative content generation and writing assistance- Security Level: Nuanced content filtering
- PII Detection: Moderate
- Injection Detection: Moderate
- Exfiltration Detection: Moderate
- Output Safety: Strict
- Use Cases: Content generation, writing tools, creative applications
- ML-based toxicity detection enabled
- Higher toxicity threshold (0.8) for creative content
- Category filtering (hate, sexual, violence)
- Strict output safety for content moderation
Choosing the Right Preset
Decision Matrix
| Use Case | Recommended Preset | Alternative |
|---|---|---|
| General AI Application | Default | - |
| Customer Support | Support Bot | Default |
| Code Generation | Code Assistant | Default |
| Document Q&A | RAG System | Default |
| Data Processing | Data Analysis | RAG System |
| Content Creation | Creative Writing | Default |
Recommendation Flow
Configuring Presets
Via Dashboard
-
Access Project Settings
- Login to app.promptguard.co
- Navigate to Projects > [Your Project] > Overview
- Find the “Policy Preset” section
-
Choose Preset
- Review the available preset options
- Consider your use case and requirements
- Select the appropriate preset from the dropdown
-
Test Configuration
- Make test requests to validate the preset
- Monitor security events in the dashboard
- Adjust with custom policies if needed
Via API
Preset Comparison
Detection Capabilities
| Feature | Default | Support Bot | Code Assistant | RAG System | Data Analysis | Creative Writing |
|---|---|---|---|---|---|---|
| PII Detection | Moderate | Strict | Moderate | Strict | Strict | Moderate |
| Injection Detection | Moderate | Moderate | Strict | Strict | Strict | Moderate |
| Exfiltration Detection | Moderate | Strict | Strict | Strict | Strict | Moderate |
| Output Safety | Moderate | Moderate | Permissive | Moderate | Moderate | Strict |
| ML Toxicity | Disabled | Disabled | Disabled | Disabled | Disabled | Enabled |
| Custom Patterns | None | Password/Account | API Keys/Secrets | Confidential | SSN/DOB | None |
Performance Impact
All presets have similar performance characteristics:| Metric | Impact |
|---|---|
| Latency | +30-50ms overhead |
| Throughput | Minimal impact |
| Resource Usage | Low to moderate |
Customizing Presets
Adding Custom Policies
You can enhance any preset with custom policies:- Navigate to Projects > [Your Project] > Policies
- Click “Create Policy”
- Define custom rules that complement your preset
- Custom policies apply in addition to preset rules
Preset + Custom Policies
Presets provide the foundation, and custom policies add specific rules:Monitoring Preset Performance
Key Metrics to Track
-
Security Events
- Track blocked requests by type
- Monitor threat patterns
- Validate detection accuracy
-
False Positive Rate
- Monitor legitimate requests being blocked
- Adjust with custom policies if needed
- Target: 1% for most presets
-
Performance Impact
- Measure latency overhead
- Track error rates
- Monitor user experience
Dashboard Views
Access preset-specific analytics:- Projects > [Your Project] > Analytics
- Filter by time range and security events
- Compare metrics across different configurations
- Export data for detailed analysis
Best Practices
Development Workflow
- Start with Default: Begin with the Default preset for most applications
- Choose Use-Case Preset: If you have a specific use case, use the matching preset
- Add Custom Policies: Enhance with custom rules for specific needs
- Monitor Continuously: Track performance and adjust as needed
Preset Transitions
When changing presets:- Test in Staging: Apply new preset to staging environment first
- Monitor Metrics: Check security events and false positives for 24-48 hours
- Gradual Rollout: Use feature flags for gradual production rollout if needed
- Monitor and Adjust: Watch for issues and fine-tune with custom policies
Troubleshooting
High False Positive Rate
High False Positive Rate
Solutions:
- Review security events to identify patterns
- Add custom whitelist policies for legitimate use cases
- Consider switching to a more permissive preset (if appropriate)
- Contact support for preset tuning assistance
Security Events Not Being Detected
Security Events Not Being Detected
Solutions:
- Verify you’re using appropriate preset for your security needs
- Check if custom policies are overriding preset behavior
- Test with known malicious prompts
- Ensure preset is correctly applied to your project
Need More Granular Control
Need More Granular Control
Solutions:
- Use custom policies to add specific rules
- Combine preset with custom policies for fine-tuned control
- Review preset details to understand what’s enabled
- Contact support for custom preset recommendations
Next Steps
Custom Rules
Create custom security rules beyond presets
Threat Detection
Configure advanced threat detection
Monitoring
Monitor security events and performance
API Reference
Complete API documentation for presets