Fundamentals

Security for AI Applications

AI applications face unique security challenges that traditional tools weren’t built to handle. Oximy protects against these threats through two foundational concepts: Guardrails and Policies.

Core Concepts

Guardrails
Policies

Real-time security controls that analyze requests and responses as they flow through your AI applications.How They Work:

Pattern-based detection for structured threats
Semantic analysis to understand context and intent
Behavioral analysis to spot unusual patterns
Contextual validation against your policies

Response Time: Milliseconds

Learn About Guardrails

Deep dive into how guardrails protect your applications

How They Work Together

Request Arrives

An AI request arrives at your application (via Gateway or Shield)

Policy Loads

The project loads its assigned policy, which specifies:

Which guardrails are active
Enforcement levels for each guardrail
Custom detection settings

Guardrails Analyze

Active guardrails analyze the request through multiple layers:

Pattern matching for known threats
Semantic analysis for context understanding
Behavioral analysis for unusual patterns
Contextual validation against policies

Action Taken

Based on policy configuration:

BLOCK: Stop the request, return error, log violation
WARN: Sanitize content, log violation, allow to proceed

Protected Request

Only clean, policy-compliant content reaches the AI model

Response Checked

Model responses are analyzed by guardrails before returning

Safe Response

Compliant, sanitized data returns to your application

Visual Flow:

API Request → Project → Policy → Guardrails → Protected Request → AI Model
                                       ↓
                                  [Analysis]
                                  - Patterns
                                  - Semantics
                                  - Behavior
                                  - Context
                                       ↓
Model Response → Guardrails → Protected Response → Your App

Protection by Environment

Production
Internal Tools
Development
Compliance

Maximum protection for customer-facing applicationsPolicy Configuration:

All guardrails enabled
BLOCK enforcement for critical threats
High detection sensitivity
Real-time alerting
Comprehensive audit logging

Use For:

Public APIs
Customer portals
Production services
Revenue-generating applications

Example:

{
  "policy": "production-strict",
  "enforcement": {
    "prompt_injection": "BLOCK",
    "data_leakage": "BLOCK",
    "jailbreak": "BLOCK",
    "content_moderation": "BLOCK"
  }
}

Why This Architecture?

Consistency Across Products

The same guardrails and policies work across Gateway, Guard, and Shield. Configure once, protect everywhere.

Flexibility by Environment

Production needs strict enforcement. Development needs visibility. Same guardrails, different policies.

Compliance Made Easy

Pre-built policies for HIPAA, PCI, GDPR, and other regulations. Customize as needed for your requirements.

Gradual Rollout

Start with WARN in development. Monitor and tune. Move to BLOCK in production when you’re confident.

Multi-Layered Protection

Four detection layers (pattern, semantic, behavioral, contextual) provide defense in depth against evolving threats.

Next Steps

Understand Guardrails

Learn how each guardrail type protects against specific threatsExplore Guardrails

Learn About Policies

See how to organize guardrails into reusable configurationsExplore Policies

Integrate Gateway

Put it all into practice with Oximy GatewayGateway Quickstart

Getting Started

Guardrails

Policies

​Security for AI Applications

​Core Concepts

Learn About Guardrails

​How They Work Together

​Protection by Environment

​Why This Architecture?