Skip to main content

The detection stack

Protector Plus combines two complementary layers in defence-in-depth: deterministic Standard Guardrails for known patterns, and ShieldPrompt for model-driven detection.
1

Standard Guardrails (rule-based, CPU-powered)

Deterministic detection for well-known risk vectors: Keyword Blocklist, Regex Pattern Matching, and PII Detection (NER-based) for inputs and outputs.
2

ShieldPrompt (GPU-powered, defence-in-depth)

The orchestration pipeline combining four model-based layers:
  • LLM Classifier — an LLM-as-judge model that scores prompt-injection likelihood
  • Vector Filter — semantic similarity against the Threat Vector Database (TVDB)
  • Content Moderation — purpose-built classifier for hazardous content
  • System Prompt Protection — detection of system-prompt leakage in LLM responses

Security profiles

A security profile is a packaged set of policy configurations. Each GenAI application is bound to a security profile, which determines which guardrails are enabled, in what mode (block or monitor), and with what thresholds.
A recommended starting configuration is to enable the LLM, Vector, Content Moderation, and System Prompt Protection guardrails. Tune from there based on your requirements.

Deployment modes

Protector Plus supports topologies that place either an LLM gateway or the GenAI Firewall as the first hop from the application. See Deployment Modes for the full flow diagrams.

The Threat Vector Database (TVDB)

The TVDB is CloudsineAI’s proprietary corpus of LLM attack patterns. It powers the Vector Filter layer of ShieldPrompt. The TVDB is maintained on a continuous basis by CloudsineAI’s research operation, with accelerated releases for high-impact disclosures. Read more in Threat Vector Database.

Glossary