Skip to main content

What is Oximy?

Oximy provides security infrastructure for AI applications. We protect against AI-specific threats that traditional security tools miss. The Problem: AI systems have unique attack surfaces. Attackers can manipulate prompts, extract training data, bypass safety controls, or leak sensitive information through carefully crafted inputs and outputs. Traditional firewalls and WAFs don’t understand these threats. The Solution: Oximy sits between your application and AI providers, analyzing every request and response in real-time. We detect and block threats in milliseconds while maintaining the user experience your customers expect.

Products

Oximy Gateway

Secure proxy for AI providers with real-time content filtering. Drop-in replacement for OpenAI, Anthropic, Google, and 15+ providers.

Oximy Guard

Scan code, prompts, and AI agents before deployment. Catch security issues in development, not production.

Oximy Shield

Browser protection for employees using AI tools. Prevent data leakage from ChatGPT, Claude, and other AI assistants.

Why Oximy?

Change your base URL, add two headers. That’s it. Works with any OpenAI-compatible SDK - no code changes required.
const openai = new OpenAI({
  baseURL: 'https://gateway.oximy.com/v1',  // Only change needed
  apiKey: 'your-openai-key',
  defaultHeaders: {
    'x-oximy-api-key': 'your-oximy-api-key',
    'x-oximy-project-id': 'your-project'
  }
});
One platform guards against all AI-specific threats:
  • Prompt Injection: Block instruction manipulation attacks
  • Data Leakage: Redact PII, credentials, and sensitive data
  • Jailbreaks: Stop attempts to bypass safety controls
  • Content Moderation: Filter harmful or inappropriate content
  • OWASP Top 10: Protection against all LLM vulnerabilities
Real-time protection that doesn’t slow you down. Our guardrails run in parallel with minimal overhead - your users won’t notice the difference.
Use OpenAI, Anthropic, Google, Azure, Together, Cohere, Groq, and 15+ providers through a single API. Switch providers by changing a header.

Quick Start

1

Choose Your Product

Gateway (Available Now): Secure proxy for AI providersGuard (Private Beta): Pre-deployment code scanningShield: Browser protection for AI tools
2

Get Credentials

Visit the Oximy Dashboard to create an account and get your API key.
3

Integrate

For Gateway: Update your SDK configuration to use Oximy as the base URL.Takes less than 5 minutes - see the quickstart.
4

Configure Protection

Choose which guardrails to enable and set enforcement levels (BLOCK or WARN) based on your needs.

How It Works

  • Gateway Protection
  • Protection Types
  • Policy Management
Your App → Gateway → Guardrails → AI Provider

        [Policy Checks]
        - Prompt Injection
        - Data Leakage
        - Jailbreaks
        - Content Moderation
  1. Request arrives at Gateway
  2. Policy loads guardrail configuration
  3. Guardrails analyze request
  4. Clean request forwards to AI provider
  5. Response checked before returning
  6. Protected response reaches your app
All in milliseconds.

Core Concepts

Guardrails

Real-time security controls that detect and prevent AI-specific threats

Policies

Collections of guardrails configured for specific use cases and environments

Projects

API endpoints or services with assigned policies and enforcement levels

Fundamentals

Learn how Oximy’s security infrastructure protects your AI applications

Use Cases

  • Customer-Facing Apps
  • Internal Tools
  • Development & Testing
Protect public APIs and customer portals:
  • Block prompt injection attacks
  • Prevent customer data leakage
  • Filter inappropriate content
  • Maintain brand safety
  • Meet compliance requirements (HIPAA, PCI, GDPR)
Example: Customer service chatbot with access to sensitive data