AI Guard
AI Guard by OneTrust is a comprehensive classification tool for protecting critical AI systems. It acts as a sophisticated inspection layer between your users and AI tools, ensuring every interaction is safe, secure, and compliant.
What Is AI Guard?
AI Guard provides runtime classification capabilities for generative AI applications. It automatically detects and masks PII, secrets, proprietary code, and more, with support for 300+ classification patterns out of the box and the ability to define custom profiles.
AI Guard helps businesses develop AI applications with confidence, especially during the build phase. It identifies PII risk in AI payloads early in development by providing sophisticated PII identification and data classification. By using AI Guard, businesses can test AI agents and applications for PII generation and quantify PII risk before taking them to production.
Current Release Scope: As of this release, AI Guard is optimized for development and testing workloads. It is not recommended for the large classification volumes generally seen in externally facing AI applications or agents.
Key Capabilities
| Capability | Description |
|---|---|
| Real-Time Classification | Classify user prompts and AI responses during inference with 300+ built-in classifiers |
| Redaction | Automatically mask sensitive data (PII, credentials, phone numbers, addresses) based on configurable policies |
| Blocking | Block entire messages when critical sensitive data is detected |
| Streaming Support | Process LLM streaming responses with concurrent chunked classification and inline redaction |
| Observability | Stream classification metrics and events to OneTrust AI Governance for compliance monitoring |
| AI Application Inventory | Register AI applications to OneTrust AI Governance for centralized governance |
How It Works
AI Guard is an SDK-based solution, making it suitable for almost all environments with a Python runtime. Developers import the OneTrust AI Guard SDK into their applications and leverage its classification, redaction, and streaming functionalities.
Architecture
The system consists of four layers:
- SDK Layer - Python AI Guard Client that integrates with your GenAI agent runtime
- Service Layer - AI Guard classification service (deployed on the OneTrust Light Worker Node) that processes classification requests
- Backend Layer - OneTrust Data Discovery Classification System providing the classification engine and 300+ system classifiers
- Observability Layer - Metrics streamed from AI Guard to OneTrust AI Governance for monitoring and compliance
Call Flow
Your AI App (SDK) → AI Guard Service → Classification Engine → Results → SDK (Redact/Block/Pass)
- Your GenAI agent invokes the AI Guard SDK during inference
- The SDK sends a classification request to the AI Guard service
- AI Guard classifies the text using cached profiles and classifiers
- Results are returned to the SDK for real-time decision-making (redact, block, or pass through)
- Classification events are published to AI Governance via the metrics pipeline
Important: The OneTrust AI Governance Cloud acts as a control plane to define classification behavior. It does not collect prompts or responses. Summary classification metrics are sent from the Light Worker Node to AI Governance at regular intervals.
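The SDK-side decision at the end of the call flow (redact, block, or pass through), as an added example; this is not the OneTrust SDK or its API. `Finding`, `PATTERNS`, `POLICY`, `classify`, `enforce` and `guard` are hypothetical names, the two regex classifiers stand in for the classification service, and the sample strings are constructed.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    classifier: str  # name of the classifier that matched
    start: int       # span of the match in the inspected text
    end: int

# Hypothetical stand-ins for the service's classifiers (not OneTrust patterns).
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "AWS_ACCESS_KEY_ID": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}
# Hypothetical policy: action per classifier; anything unlisted passes.
POLICY = {"EMAIL": "redact", "AWS_ACCESS_KEY_ID": "block"}

def classify(text):
    """Stand-in for the classification request/response round trip."""
    return [Finding(name, m.start(), m.end())
            for name, pat in PATTERNS.items() for m in pat.finditer(text)]

def enforce(text, findings, policy=POLICY):
    """Return (action, text_to_forward); block outranks redact."""
    if any(policy.get(f.classifier) == "block" for f in findings):
        return "block", None  # nothing from the message is forwarded
    spans = sorted((f for f in findings if policy.get(f.classifier) == "redact"),
                   key=lambda f: f.start, reverse=True)
    out, cut = text, len(text)
    for f in spans:  # right to left, so offsets left of `cut` stay valid
        # An overlapping finding is merged into the mask to its right.
        label = "" if f.end > cut else f"[{f.classifier}]"
        out = out[:f.start] + label + out[min(f.end, cut):]
        cut = f.start
    return ("redact" if spans else "pass"), out

def guard(text):
    """Classify, then apply the policy, as the SDK would during inference."""
    return enforce(text, classify(text))

if __name__ == "__main__":
    # Constructed samples; the key is AWS's documented example value.
    for s in ("What is the capital of France?",
              "Contact alice@example.com about the invoice.",
              "Use key AKIAIOSFODNN7EXAMPLE to deploy."):
        print(guard(s))
```

Masking by span from right to left keeps every remaining offset valid, and merging overlapping spans prevents the unmasked edge of one finding from surviving next to another finding's label.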
Primary Use Cases
AI Application Inventory
Import OneTrust AI Guard as an SDK within your applications and declare AI application metadata, thereby registering the application to OneTrust AI Governance. This allows businesses to centralize all AI applications under development and ensure governance actions can be extended to them.
Sensitive Data Protection
Automatically detect and classify PII, secrets, proprietary code, and more in both user prompts and AI-generated responses. Apply configurable policies to redact or block sensitive content before it reaches end users.
Supported Platforms
The SDK supports the following AI platforms for metrics attribution:
| Platform | Identifier |
|---|---|
| Amazon Bedrock | AMAZON_BEDROCK |
| Amazon SageMaker | AMAZON_SAGEMAKER |
| Azure AI Foundry | AZURE_FOUNDRY |
| Databricks | DATABRICKS |
| Google Cloud Vertex AI | GCP_VERTEX |
What's Next?
Get started with AI Guard by following the setup guides:
- Prerequisites - What you need before getting started
- Create an API Key - Generate credentials for SDK authorization
- Deploy the Light Worker Node - Set up the classification service
- Install the SDK - Download and install the Python SDK