GenAI Security

Overview

Generative AI (or GenAI) is transforming applications by enabling natural interactions, automation, and advanced decision-making. However, these capabilities also introduce new security risks such as prompt injection, data leakage, sensitive content exposure, and misuse of resources. Traditional security controls are not designed to handle these challenges.

CloudGuard WAF addresses this with an ensemble learning model purpose-built for GenAI applications.

CloudGuard WAF combines:

  • Engine 1 – Prompt & Data Classification: A super-fast supervised model, trained on millions of prompts and attacks, classifies inputs in real time.

  • Engine 2 – Contextual & Semantic Analysis: A semantic engine that ensures accurate decisions on whether to approve or block a request.

This ensemble approach delivers:

  • Best-in-class detection accuracy

  • Continuous adaptation to new threats

  • Minimal latency (as low as 50ms, depending on prompt size)

Configuration

Settings

GenAI Security settings can be configured during asset creation (see the asset creation instructions) or directly from the asset:

Step 1: Edit the web API/application asset via Policy → Assets → General tab.

Configure the following:

  • Request URI: Enter the API endpoint for LLM prompts (e.g., /api/chat).

  • Prompt Location: Specify where the prompt appears in the request body (e.g., body.prompt).

Under Advanced you can configure the following:

  • LLM Model: Select the LLM your app uses.

  • Expected Prompts: Choose one:

    • Wide range – many different prompt types.

    • Specific – narrow, domain-focused prompts.

  • Expected Users:

    • All users (internal & external)

    • Internal roles (e.g., admin, sales)

    • External roles (e.g., customers, partners)

    • One specific role

  • Application Description: Add a short note on your app’s purpose to improve protection accuracy.
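The Request URI and Prompt Location settings above tell the WAF which requests carry a prompt and where in the body it sits. The following added example (not CloudGuard's own code) shows how such a location is resolved against real request bodies, and what happens when it does not resolve: a prompt at a different path is simply not found, so it would not be classified. The dotted/bracket notation with a leading `body` segment, and the `body.messages[0].content` variant for chat-style APIs, are assumptions made for the illustration; the page only shows `body.prompt`.

```python
import json
import re
from typing import Any, Optional

# Constructed sample requests (not taken from the page). Each is a simplified
# view of an HTTP request: the path and the raw body string.
SAMPLE_REQUESTS = [
    {"uri": "/api/chat", "body": json.dumps({"prompt": "Summarize my last invoice"})},
    {"uri": "/api/chat", "body": json.dumps({"messages": [{"role": "user", "content": "Hello"}]})},
    {"uri": "/healthz", "body": ""},
]

# A path segment is either a key ("prompt") or a list index ("[0]").
# This notation is an assumption made for the example; the page itself
# only shows the form "body.prompt".
_PATH_TOKEN = re.compile(r"([^.\[\]]+)|\[(\d+)\]")


def split_location(location: str) -> list:
    """Turn 'body.messages[0].content' into ['body', 'messages', 0, 'content']."""
    return [int(index) if index else name for name, index in _PATH_TOKEN.findall(location)]


def extract_prompt(request: dict, request_uri: str, location: str) -> Optional[str]:
    """Return the prompt text the Prompt Location points at, or None when the
    request is not for the configured LLM endpoint or the location does not
    resolve to a string (in which case there is nothing to classify)."""
    if request["uri"] != request_uri:
        return None
    parts = split_location(location)
    if not parts or parts[0] != "body":
        raise ValueError("Prompt Location must start with 'body'")
    try:
        node: Any = json.loads(request["body"]) if request["body"] else {}
    except json.JSONDecodeError:
        return None
    for part in parts[1:]:
        if isinstance(part, int) and isinstance(node, list) and 0 <= part < len(node):
            node = node[part]
        elif isinstance(part, str) and isinstance(node, dict) and part in node:
            node = node[part]
        else:
            return None
    return node if isinstance(node, str) else None


if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(req["uri"], "->", extract_prompt(req, "/api/chat", "body.prompt"))
```

The practical check this illustrates: after configuring the asset, confirm with a real request body that the configured location actually resolves to the user's text. A location that silently returns nothing leaves the endpoint uninspected even though the protection is switched on.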

Modes

All GenAI Security Modes can be configured by navigating to Policy → Assets and editing the GenAI tab in the Web Application Asset.

GenAI Security protects AI-driven applications using two protection modes; a third setting turns the protection off:

  • Learn / Detect – monitors activity, detects suspicious behavior, and learns usage patterns.

  • Prevent – actively blocks malicious or risky inputs/outputs when detected.

  • Disabled – the protection is not active.

Protection Types

Prompt Injection Prevention

Prevents malicious prompt manipulation techniques, such as:

  • Context changes

  • Obfuscation attempts

  • Reverse psychology

  • Role-play and emotional manipulation

  • Negation commands

  • Chain-of-thought manipulation

Data Leakage Prevention

Protects against sensitive data exposure by detecting and blocking patterns such as:

  • Credit card numbers

  • IBANs and banking details

  • Other personal identifiers

Data checks can be applied to both incoming requests (requests to the application) and outgoing responses (responses from the application to the calling client).
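To make the request/response data checks concrete, here is an added example (not CloudGuard's own detection logic) that scans a message for card numbers and IBANs, validates each candidate with its checksum (Luhn for cards, ISO 13616 mod-97 for IBANs) so that arbitrary digit strings such as order numbers are not flagged, and applies the result in either a detect or a prevent mode. The sample messages, the regular expressions and the mode names are constructed for the illustration; the test card number and the German example IBAN are the standard publicly documented ones.

```python
import re

# Constructed sample traffic (not from the page): one client request and two
# application responses. 4111 1111 1111 1111 is the well-known test card number;
# the IBAN is the standard German example IBAN; the order number below is
# sixteen digits that fail the Luhn check and must not be flagged.
SAMPLE_MESSAGES = {
    "request": "Can you check whether 4111 1111 1111 1111 is still valid?",
    "response_leak": "Sure, the account on file is DE89 3704 0044 0532 0130 00.",
    "response_clean": "Order 1234567890123456 has shipped.",
}

# 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# Two-letter country code, two check digits, then 11-30 alphanumerics.
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]){11,30}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: double every second digit counting from the right."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def iban_ok(iban: str) -> bool:
    """ISO 13616 mod-97 check on the compacted IBAN."""
    s = iban.replace(" ", "").upper()
    if not 15 <= len(s) <= 34:
        return False
    rearranged = s[4:] + s[:4]
    numeric = "".join(str(int(c, 36)) for c in rearranged)  # A=10 ... Z=35
    return int(numeric) % 97 == 1


def mask(value: str) -> str:
    """Keep only the first and last four characters so a finding can be logged safely."""
    return value[:4] + "*" * (len(value) - 8) + value[-4:]


def scan(text: str) -> list:
    """Return (kind, masked_value) for every checksum-validated pattern in text."""
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            findings.append(("card", mask(digits)))
    for m in IBAN_RE.finditer(text):
        compact = m.group().replace(" ", "")
        if iban_ok(compact):
            findings.append(("iban", mask(compact)))
    return findings


def inspect(direction: str, text: str, mode: str = "prevent") -> dict:
    """Apply the scan to a request or a response. In 'prevent' mode a finding
    blocks the message; in 'detect' mode it is only reported."""
    findings = scan(text)
    return {"direction": direction, "findings": findings,
            "blocked": bool(findings) and mode == "prevent"}


if __name__ == "__main__":
    print(inspect("request", SAMPLE_MESSAGES["request"]))
    print(inspect("response", SAMPLE_MESSAGES["response_leak"]))
    print(inspect("response", SAMPLE_MESSAGES["response_clean"], mode="detect"))
```

Two points worth noting when tuning such checks: the checksum validation is what keeps long numeric identifiers (order or tracking numbers) out of the findings, and the response-side scan is the one that catches the model itself echoing stored account data back to the client, which no request-side control can see.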

Content Control

Analyzes AI inputs and outputs for restricted or harmful content, including:

  • Banned keywords and topics

  • Language misuse

  • Sentiment and toxicity detection

Usage Guard (Coming Soon)

Prevents misuse of the application by limiting resource consumption. Controls include:

  • Maximum prompt size

  • Maximum prompts per user or session

  • Frequency controls to stop abuse
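The three controls listed above (a prompt-size cap, a per-session prompt count and a frequency limit) fit together as one sliding-window limiter. The following added example is an independent illustration of how such controls behave, not an implementation of the upcoming Usage Guard feature, whose semantics the page does not describe. It assumes sizes are measured in characters (a deployment might count tokens instead), and timestamps are passed in explicitly so the replay is deterministic.

```python
from collections import defaultdict, deque
from typing import Deque, Dict, Tuple


class UsageGuard:
    """Sliding-window limiter plus a prompt-size cap, keyed by session.

    Sizes are counted in characters here (an assumption for the example) and
    timestamps are injected rather than read from the clock.
    """

    def __init__(self, max_prompt_chars: int, max_prompts_per_window: int, window_seconds: float):
        self.max_prompt_chars = max_prompt_chars
        self.max_prompts_per_window = max_prompts_per_window
        self.window_seconds = window_seconds
        self._history: Dict[str, Deque[float]] = defaultdict(deque)

    def check(self, session_id: str, prompt: str, now: float) -> Tuple[bool, str]:
        """Return (allowed, reason). Oversized prompts are rejected before they
        are counted, so they never consume part of the session's quota."""
        if len(prompt) > self.max_prompt_chars:
            return False, "prompt_too_large"
        window = self._history[session_id]
        # Drop timestamps that have aged out of the window.
        while window and now - window[0] >= self.window_seconds:
            window.popleft()
        if len(window) >= self.max_prompts_per_window:
            return False, "rate_limited"
        window.append(now)
        return True, "ok"


def simulate() -> list:
    """Replay a constructed timeline: session s1 sends five short prompts, the
    fourth of them inside a full window; session s2 sends one oversized prompt."""
    guard = UsageGuard(max_prompt_chars=200, max_prompts_per_window=3, window_seconds=60)
    events = [
        ("s1", 0.0, "What are your opening hours?"),
        ("s1", 10.0, "And on weekends?"),
        ("s1", 20.0, "Do you ship abroad?"),
        ("s1", 30.0, "Which countries?"),  # fourth prompt within 60 s -> rate_limited
        ("s1", 61.0, "Thanks."),           # first timestamp aged out -> ok
        ("s2", 30.0, "x" * 300),           # over the 200-character cap
    ]
    return [guard.check(session, prompt, at)[1] for session, at, prompt in events]


if __name__ == "__main__":
    print(simulate())
```

Keying the window by session rather than by source IP is what makes the per-user limit meaningful behind a shared egress address; in practice the key would come from the authenticated identity or session token the application already issues.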
