LLM Security
Only Beta customers have access to the LLM security feature.
Overview
LLM Security is a feature within WAF-as-a-Service that provides detection and protection mechanisms for applications driven by Large Language Models (LLMs). It helps mitigate against OWASP Top 10 LLM attacks, particularly:
Prompt Injection – Malicious inputs attempting to manipulate LLM behavior.
PII Exposure – Personally identifiable information leakage.
Abuse – Toxic content, banned topics, and policy violations.
The solution is model-agnostic, meaning it works regardless of which LLM provider your application uses.
What is LLM Security
LLM Security acts as an input guardrail layer that screens all prompts sent to your LLM-driven application before they reach the model. It inspects requests for:
Detection Type | Description |
|---|---|
Prompt Injection | Detects attempts to override system instructions or extract sensitive data. |
Toxicity | Identifies harmful, offensive, or inappropriate content. |
Sentiment Analysis | Blocks prompts with negative sentiment (configurable). |
PII Anonymization | Detects and protects personal data from being processed. |
Token Limits | Prevents resource abuse by enforcing maximum token counts. |
Banned Topics | Blocks prompts related to violence, illegal activities, or prohibited subjects. |
Banned Code | Prevents code generation attempts in unauthorized languages. |
Competitor References | Blocks mentions of specified competitor names/products. |
Secrets Detection | Identifies API keys, tokens, and credentials in prompts. |
Language Restrictions | Allows only specified languages (e.g., English only). |
Prerequisites
Before enabling LLM Security, ensure the following requirements are met:
Requirement | Details |
|---|---|
License | Premium License required. |
Account | LLM Security must be enabled at the Account level. |
Container | Only available for Barracuda Containers (Custom containers not supported). |
Version | Datapath version 12.3 or higher. |
Configuration
Enabling LLM Security
Ensure your account has LLM Security enabled at the account level.
Navigate to your application's security settings.
Enable the LLM Security feature for the application.
Configurable Options
Setting | Description |
|---|---|
Token Limit | Maximum number of tokens allowed per prompt. |
Banned Competitors | List of competitor names to block. |
Banned Topics | Topics to block (e.g., violence, illegal activities). |
Banned Substrings | Specific text patterns to block. |
Allowed Languages | Languages permitted in prompts. |
Allowed Code Languages | Programming languages allowed for code generation. |
Anonymize Categories | PII categories to detect and protect. |
Sensitivity Levels | Threshold for detection (Low, Medium, High). |
Action Modes
For each detection type, you can configure the action:
Action | Behavior |
|---|---|
Block | Request is rejected with a 403 Forbidden response. |
Monitor | Request is allowed but logged for review. |
Monitoring and Logging
LLM Security provides visibility into:
Number of prompts processed.
Detection events by category.
Blocked vs. allowed requests.
Detailed violation logs with confidence scores and actions taken.