Deterministic Engine
What ships today. Fast, predictable, no LLM dependency — every prompt analyzed in under 10ms.
- 100+ regex detection patterns across 18 attack categories
- Pre-compiled alternation matching for sub-10ms analysis
- Unicode normalization and leetspeak decoding
- Session tracking Beta — multi-message risk analysis via
X-Session-Id
- Public demo endpoint with 20 req/15min rate limit
- Usage dashboard and per-account billing
Enhanced Obfuscation Detection
Attackers are getting creative with encoding. We’re expanding the detection surface to catch what regex alone misses.
- Base64, hex, and URL-encoded payload detection
- Improved Unicode homoglyph scanning with similarity scoring
- Token smuggling detection — split/concatenated keyword matching
- Mixed-encoding attacks (e.g. base64 inside Unicode obfuscation)
- Whitespace and zero-width character steganography detection
Improved Multi-Message Analysis
Moving beyond simple score trending to actual semantic drift detection across sessions.
- Per-message embedding fingerprints (no text stored — just vector hashes)
- Semantic drift scoring — detect slowly escalating intent across 10+ messages
- Cross-session pattern linking — identify repeat attackers across different session IDs
- Configurable warning thresholds per account
Semantic Analysis
Lightweight embedding-based similarity matching to catch paraphrased jailbreaks that don’t match existing regex patterns.
- TF-IDF vectorization of known attack archetypes
- Cosine similarity scoring against attack embeddings
- Fully in-process — no external API calls, no added latency
- Complements deterministic engine; runs in parallel
- Ships as an optional
semantic: true flag per request
LLM-Assisted Analysis
For the hardest cases — ambiguous prompts, novel attack vectors, and high-risk edge cases — route through a small, purpose-tuned model for intent classification.
- Optional inference pass on prompts flagged as medium-risk by the deterministic engine
- Purpose-trained small model for jailbreak intent classification
- Returns additional
llm_analysis fields in the response
- Higher latency (100-500ms) — used only when deterministic analysis is inconclusive
- Available on Growth and Enterprise plans
Webhook Notifications
Event-driven alerts so you can act on threats in real time — without polling the API.
- Configurable webhook URLs per account
- Trigger on: high/critical risk level, session escalation, repeated probing, or custom thresholds
- JSON payloads with full analysis results
- Retry with backoff for failed deliveries
- Webhook secret signing for payload verification
- Available on Growth and Enterprise plans