One policy language for all your AI agents. Consistent enforcement across every provider and framework—OpenAI, Anthropic, LangChain, and more.
Define policies once in YAML and apply them to any AI provider or framework. No more duplicating security logic across integrations.
# PII Protection Policy
name: pii-protection
version: 1.0.0
rules:
- name: mask-customer-pii
match:
agents: ["support-bot", "sales-assistant"]
resources: ["customer_profiles", "user_data"]
actions:
- type: mask
fields:
- ssn
- credit_card
- date_of_birth
pattern: "***-**-{last4}"
audit:
level: detailed
retention: 90d
- name: block-secrets-access
match:
agents: ["*"]
resources: ["secrets_vault", "api_keys"]
actions:
- type: block
message: "Access to secrets requires elevated permissions"
notify:
- channel: slack
severity: highPolicies define what happens when an agent tries to access data. Choose from built-in actions or create your own.
Permit the data access request
Deny access and return an error
Allow access with sensitive fields masked
Remove sensitive content entirely
Apply custom transformations to data
Allow and create detailed audit entry
One policy language for OpenAI, Anthropic, Google, Azure, AWS, and any other AI provider. No vendor lock-in.
Create base policies and extend them for specific use cases. Build composable rule sets that scale with your organization.
Works with LangChain, LlamaIndex, CrewAI, AutoGPT, and custom frameworks. One policy, every agent.
Update policies without restarting your agents. Changes propagate instantly across all connected clients.
Policies execute locally with sub-millisecond latency. No round-trips to a central server.
Test new policies in shadow mode before enforcement. See what would be blocked without affecting production traffic.
Stop duplicating security logic. Define policies once and enforce them everywhere.
Start free trial