Security for every LLM call.
LLM Shield sits between your application and your LLM. Inspects inputs, enforces policies, scans outputs, and secures agentic tool-calling workflows — with per-tenant isolation, runtime audit, and compliance mappings out of the box.
Why LLM Shield
Defense in depth
19 guardrails across input safety, output quality, and agentic security — composed into a two-tier parallel pipeline.
Built for multi-tenant
Per-tenant policies, rate limits, quotas, and audit logs persisted in Redis. Drop-in for SaaS or enterprise.
Fast where it matters
CPU guardrails run first under a 250ms budget. LLM-based checks fire only when needed.
Agent-native security
Role-based tool authorization, MCP server validation, data taint tracking, and goal-drift detection.
Where to start
| If you want to… | Go to |
|---|---|
| Spin it up in 5 minutes | Quickstart |
| Understand how it answers common buyer questions | FAQ |
| See every endpoint | API Reference |
| Pick the right deployment shape | Installation Guide |
| Run on-prem with HA | On-Premises Deployment |
| Wire up agents (LangChain / CrewAI / OpenAI) | Agentic Integration |
| Use Shield in your IDE (Cursor / Claude / VS Code) | Connect Shield to Your IDE |
| Use your existing IdP (Okta / Entra / Google) | Identity Provider Interoperability |
| Add guardrails at your AI gateway (LiteLLM / Portkey / Kong) | AI Gateway & Proxy Interoperability |
| Stop data leaking into web AI (ChatGPT / Gemini / Claude) | Edge Fast-Path (Browser DLP) |
| Enforce MCP tool allowlists at runtime (not just client-side) | MCP Runtime Enforcement |
| Plan an enterprise rollout / cover agents you didn’t build | Enterprise Integration Architecture |
| Build a feature the right way (spec-first) | Spec Template (how we build) |
| Map to NIST / OWASP / ISO controls | Compliance Mapping |
Where it runs
Managed cloud, self-hosted in your VPC, or fully on-prem / air-gapped — same APIs, same guardrails, same policies. Shield is a container you run wherever you need it; nothing is locked to a hosted control plane.
| Model | Runs on | Guide |
|---|---|---|
| Cloud / managed | RunPod, Cloud Run, Fly, Render | Quickstart |
| Self-hosted (your VPC) | your Kubernetes / VMs | Installation Guide |
| On-prem / air-gapped | RHEL + NVIDIA GPU, Docker Compose / K8s / OpenShift | On-Premises Deployment |
Two container images
- Full Shield (
Dockerfile) — GPU worker with llama.cpp + all guardrails + admin portals - Admin-only (
Dockerfile.admin) — Lightweight (~150 MB) portal + tenant APIs, no GPU. Runs anywhere (Cloud Run, Fly, Render, laptop).
Both share the same backend APIs and connect to the same Redis for tenant state.
┌─────────────┐ ┌──────────────────┐ ┌─────────────────┐
│ Tenant App │──▶│ Full Shield │──▶│ Redis (Upstash │
│ (your AI) │ │ (GPU worker) │ │ or local) │
└─────────────┘ └──────────────────┘ └─────────────────┘
▲
┌──────────────────┐ │
│ Admin Portal │───────────┘
│ (lightweight, │ Per-tenant policies,
│ runs anywhere) │ rate limits, audit log
└──────────────────┘