1Password Unified Access
by 1Password
Discovers AI tools, agents, and exposed credentials across endpoints, then vaults and governs the secrets that human, agent, and machine identities use.
The AI security market, mapped to where it defends.
Each product is placed on the AI Defense Matrix to help you understand how it fits into the security-for-AI ecosystem. The details are from public sources, dated, and open to community updates.
- Products
- 146
- Asset classes
- 8
- CSF functions
- 6
Matrix cell
Tick Compare on 2 to 4 products to view them side by side.
-
-
Continuous AI red teaming platform for custom AI agents that tests for vulnerability classes across agents, models, and MCP, re-scanning on every model, prompt, or tool update.
-
Identity and access management for AI agents that issues OAuth 2.1 tokens, enforces policy on every MCP request, and brokers credentials so agents reach MCP servers and resources without secrets.
-
Agent Governance Toolkit
by Microsoft
Open-source Microsoft project enforcing runtime policy on autonomous agent actions, with zero-trust agent identity, MCP gateway checks, and tamper-evident audit logs.
-
AI security platform that secures employee use of public AI applications, shields private AI apps and agents with an AI firewall, and covers the AI development lifecycle with AI-SPM.
-
AIShield
by Bosch
Bosch product line pairing AISpectra model vulnerability scanning and red teaming with Guardian runtime guardrails and an ML firewall for GenAI and ML apps.
-
Akamai Firewall for AI
by Akamai
Inspects LLM prompts and responses at the edge or via API, blocking prompt injection, toxic output, and sensitive data exposure.
-
Identity security platform for machines and AI agents that issues just-in-time, vaultless secrets and certificates so agents authenticate without hardcoded credentials and act under runtime control.
-
Data intelligence platform with AI governance that inventories AI models, agents, and tools, traces their data lineage, and curates trusted, compliant data for AI development.
-
Aqua Secure AI
by Aqua Security
Lifecycle protection for AI apps in the Aqua Platform, spanning code scanning, AI service posture checks, runtime threat detection, and prompt defense for cloud native workloads.
-
Arize
by Arize AI
AI observability and evaluation platform with run-time guardrails that screen LLM inputs and outputs, blocking jailbreaks, prompt injection, and PII while flagging hallucinated or unsafe responses.
-
Arthur
by Arthur AI
AI lifecycle platform with built-in guardrails that screen AI interactions for misuse, off-brand content, and unsafe prompts and responses, plus monitoring for models and agents.
-
AI trust, risk, and security management platform that continuously assesses, tests, and governs AI models and agents against the EU AI Act, ISO/IEC 42001, and NIST AI RMF.
-
Astrix
by Astrix Security
Identity security platform that discovers, secures, and governs AI agents and non-human identities, with posture management and non-human ITDR.
-
AI security platform that discovers AI apps and agents, inspects prompts and responses inline, and applies data protection and threat prevention policies to enterprise AI activity.
-
Auth0 for AI Agents
by Okta
Identity and access for AI agents, with dedicated agent identities, a Token Vault for third-party API tokens, async user authorization, and fine-grained authorization for RAG.
-
Secures AI agents at the endpoint with an MCP gateway, a vetted MCP catalog, sandboxed MCP hosting, and a centralized token vault.
-
AWS Bedrock Guardrails
by Amazon Web Services
Configurable safety layer for generative AI applications that filters harmful content, detects prompt-injection attacks, redacts PII, blocks denied topics, and flags ungrounded responses.
-
Azure AI Content Safety
by Microsoft
Microsoft content-safety service for generative AI that uses Prompt Shields to detect and block jailbreaks and indirect prompt injection, and filters prompts and responses across harm categories.
-
Secures AI coding agents on developer workstations with MCP server vetting, vibe coding guardrails, and real-time monitoring of agentic activity.
-
Enterprise data security platform that discovers and classifies sensitive data, finds shadow AI, secures the data pipeline for AI training, and governs AI access and risk.
-
Black Duck Signal
by Black Duck
Agentic application security solution that detects and fixes flaws in AI-generated code via MCP integrations with coding assistants and pipelines.
-
Bonfy ACS
by Bonfy.AI
Inspects content moving through email, SaaS apps, Copilot, and AI agents, blocking or redacting sensitive data, with MCP server guardrails for agents and shadow AI detection.
-
Extends cloud PAM to AI agent identities with just-in-time ephemeral credentials, zero standing privileges, and runtime on-behalf-of policy enforcement.
-
CalypsoAI
by F5
Inference-layer AI security pairing runtime guardrails against prompt injection, jailbreaks, and data leakage with red teaming at scale.
-
Runtime security layer that discovers enterprise AI agents, observes their behavior, and blocks unsafe or risky actions before execution.
-
Application security platform whose Developer Assist secures AI-generated code in real time inside the IDE, detecting SAST, SCA, secret, and IaC flaws and applying validated fixes before commit.
-
Maker of Citadel Lens, which tests AI models and datasets against industry standards and generates AI compliance reports for regulations such as the EU AI Act.
-
Cloudflare AI Gateway
by Cloudflare
Hosted gateway that proxies application traffic to LLM providers, adding guardrails to flag or block harmful prompts and responses, plus rate limiting, caching, and usage analytics.
-
Cloudflare AI Security for Apps
by Cloudflare
WAF protection for LLM-powered apps that discovers AI endpoints and detects and mitigates prompt injection, data exposure, and unbounded consumption.
-
Cloudsmith ML Model Registry
by Cloudsmith
Registry for ML models and datasets that proxies Hugging Face artifacts and applies enterprise policy to quarantine, block, or approve them before use.
-
Clutch
by Clutch Security
Identity security platform for non-human identities, AI agents, and secrets: discovery, governance, posture and risk management, and threat detection and response across cloud, SaaS, and on-prem.
-
Data and AI governance platform that governs AI models, use cases, and agents across their lifecycle, ties them to trusted lineage-tracked data, and enforces compliance and data policies.
-
AI quality and LLM evaluation platform from the creators of DeepEval, with the DeepTeam framework adding red teaming and production input and output guardrails.
-
ContextForge MCP Gateway
by IBM
Open-source IBM gateway, registry, and proxy that fronts MCP, A2A, and REST tools with centralized authentication, guardrail plugins, and governance controls.
-
Cranium
by Cranium AI
Platform that discovers and inventories enterprise AI systems, generates AI bills of materials, red teams models, and maps risks to regulations such as the EU AI Act and NIST AI RMF.
-
AI governance platform that inventories AI systems, runs risk assessments, and maps controls to policy packs for the EU AI Act, NIST AI RMF, and ISO 42001.
-
Agentic identity control plane that discovers AI agents across SaaS and cloud environments, records each agent interaction for forensics, and enforces least-privilege access policies.
-
Cyberhaven AI Security
by Cyberhaven
Endpoint agent that inventories AI tools and agents, monitors their execution, and uses data lineage to block, warn, or redact sensitive data across prompts and responses.
-
Agentic development security that inventories AI models, MCP servers, and code assistants across repositories and applies IDE and CLI guardrails to AI coding agents.
-
Data security platform that discovers and classifies sensitive data across the enterprise, surfaces shadow AI, controls what data AI can reach, and prevents sensitive-data leakage to AI in real time.
-
Datadog LLM Observability
by Datadog
Observability for LLM and agent applications that traces prompts, responses, and tool calls, with evaluations that flag prompt injection, unsafe output, and exposure of sensitive data.
-
AI testing, observability, and monitoring platform that evaluates prompts, models, and agents and tracks LLM app quality in production.
-
AI security platform with a runtime AI firewall, automated red teaming, and model scanning for LLM and computer vision systems.
-
Identity platform for AI agents and MCP servers that authenticates agents with scoped OAuth tokens, brokers their credentials to external tools, and governs and audits what each agent may do.
-
AI red teaming tooling that probes foundation models and agentic AI systems for security and safety risks.
-
DynamoGuard
by Dynamo AI
Runtime guardrails that turn natural language policies into lightweight models to detect and block prompt injection, data leakage, and unsafe LLM output.
-
Einstein Trust Layer
by Salesforce
Guardrails between Salesforce applications and LLMs that mask sensitive data, detect toxic output, maintain audit trails, and enforce zero data retention with LLM providers.
-
Runtime guardrails for LLM apps and agents, automated red teaming, MCP gateway and scanner controls, and compliance evidence mapped to EU AI Act and NIST.
-
Security platform for AI agents and non-human identities that discovers them, monitors agent behavior and intent for threats, and attributes each identity to a human owner.
-
Fiddler AI
by Fiddler
Observability and guardrails platform for LLM and agent applications that scores prompts and responses and blocks harmful content, PII leaks, and hallucinations in real time.
-
FortiAIGate
by Fortinet
Runtime AI gateway that proxies traffic between apps and LLMs, applying guardrails against prompt injection, jailbreaks, data leakage, and model abuse.
-
Frontegg.ai
by Frontegg
Identity management for AI agent builders, with user authentication, least-privilege authorization, token rotation, and managed OAuth tokens for third-party tool access.
-
garak
by NVIDIA
Open-source LLM vulnerability scanner from NVIDIA that probes models for prompt injection, jailbreaks, data leakage, toxicity, and misinformation using static, dynamic, and adaptive probes.
-
Geordie
by Geordie AI
Agent security and governance platform that discovers AI agents, maps their tools and MCP connections, audits behavior, and applies real-time controls through its Beam engine.
-
Open-source and commercial AI testing platform that red-teams LLMs and ML models with adversarial probes for prompt injection, hallucination, and sensitive-information disclosure.
-
Google Model Armor
by Google
Google Cloud runtime security for generative and agentic AI that screens prompts, responses, and agent interactions to block prompt injection, jailbreaks, malicious URLs, and sensitive-data leaks.
-
Gray Swan Cygnal
by Gray Swan AI
Inline runtime guardrail that screens prompts, model responses, and agent tool calls, blocking prompt injection, jailbreaks, and unsafe outputs against custom policies.
-
Open-source Python framework that wraps LLM calls in input and output guards, applying validators from the Guardrails Hub to detect and mitigate risks in prompts and responses.
-
Monitors employee and agent AI usage via a browser extension and desktop client, detecting sensitive data in prompts and coaching or blocking risky sharing in real time.
-
AI security platform with four modules: model supply-chain scanning, real-time runtime monitoring of prompts and responses, automated red teaming, and AI asset discovery.
-
Secures AI agents with centralized gateway policy controls, multi-turn runtime guardrails, and MCP server scanning via its Ramparts scanner.
-
Machine unlearning that removes memorized PII, jailbreak vulnerabilities, and biased behaviors from trained models without retraining.
-
AI governance platform that discovers AI systems including shadow AI, audits models and LLMs for bias, robustness, and data leakage, and enforces regulatory compliance across the AI lifecycle.
-
Discovers AI agents and MCP servers at runtime and replaces their static credentials with just-in-time identity-based access.
-
IBM Guardium AI Security
by IBM
Discovers shadow AI and agents, runs posture checks and automated pen tests on models, and screens prompts with an AI firewall.
-
Data security platform that discovers and classifies sensitive data, enforces attribute-based access policies and masking at the data layer for AI and RAG workloads, and monitors data usage for risk.
-
Discovers, profiles, and protects AI agents and automations that business users build on platforms such as Copilot Studio, Power Automate, Salesforce, UiPath, and Retool.
-
Knostic Kirin
by Knostic
Security for AI coding assistants such as Cursor, Copilot, and Claude Code that inspects MCP connections in real time, monitors IDE extensions and plugins, and blocks risky components.
-
Endpoint security for software supply chains that inventories, risk-scores, and gates installs of MCP servers, AI models, AI agents, extensions, and packages by policy.
-
Kong
by Kong Inc.
AI gateway that proxies traffic to many LLM providers and governs it with prompt guards, PII sanitization, and content-safety policies that screen requests and responses.
-
Runtime guardrails plus adversarial testing for LLM and agent apps, screening prompts, responses, and tool calls for prompt injection, jailbreaks, and data leakage.
-
Platform that discovers and inventories AI agents and applications, red-teams them, and enforces policy inline at the proxy, API, or gateway to protect AI interactions at runtime.
-
AI governance platform that discovers AI systems, runs technical evaluations and automated red-team security scans, and maps evidence to 20+ compliance frameworks.
-
LayerX
by LayerX Security
Browser-extension control of employee AI use that discovers shadow AI tools, applies DLP to prompts and file transfers, and enforces identity-based access policies.
-
AI discovery capability that inventories AI models, MCP servers, and coding assistants across development, plus VibeGuard guardrails for AI-generated code in the IDE.
-
Lineaje UnifAI
by Lineaje
AI policy orchestrator that discovers AI inventory, derives security and compliance policies, and enforces them with runtime guardrails for agentic AI applications.
-
LiteLLM
by BerriAI
Open-source AI gateway and proxy for 100+ LLM providers, adding virtual-key RBAC, budgets, rate limits, guardrails (PII masking, prompt-injection), and enterprise SSO and audit logs.
-
LlamaFirewall
by Meta
Open-source guardrail framework from Meta that scans LLM apps and agents with PromptGuard 2, AlignmentCheck, and CodeShield scanners.
-
Lunar MCPX
by Lunar.dev
Self-hosted MCP gateway that aggregates MCP servers behind one endpoint and applies per-agent access control, OAuth and API key authentication, and tool hardening.
-
Manifest AI Risk
by Manifest
AI bill-of-materials platform that discovers models and datasets, tracks provenance and vulnerabilities, and turns AIBOMs into governance and compliance evidence.
-
Mend AI
by Mend.io
Discovers and inventories AI components in applications, assesses their risks, enforces AI policies, and red teams AI behavior for issues like prompt injection.
-
Microsoft Agent 365
by Microsoft
Control plane that inventories AI agents in a registry, assigns them Entra identities with conditional access, and adds Defender posture and threat detection.
-
Microsoft Purview
by Microsoft
Data security posture management for AI in Microsoft Purview that discovers sensitive data in AI prompts and responses, enforces data-loss policies on generative AI use, and flags risky AI activity.
-
Miggo
by Miggo Security
Runtime AI defense that maps agents, models, tools, and MCP integrations into an AI-BOM, detects prompt injection and agent hijacking, and enforces guardrails on AI behavior.
-
Automated AI red-teaming platform that maps the AI attack surface and continuously tests models and agents for prompt injection, jailbreak, and model-manipulation flaws.
-
Managed MCP gateway that authenticates AI clients to MCP servers, enforces access policies, and logs every tool call for audit.
-
Mistral Moderation
by Mistral AI
Classifier service that scores prompts and responses across policy categories and applies blocking guardrails in Mistral API requests.
-
Governed MCP gateway that treats AI agents as non-human identities, enforcing identity-aware authorization and per-tool policy over agent access to tools, with shadow-AI discovery and audit.
-
NeMo Guardrails
by NVIDIA
Open-source NVIDIA toolkit that adds programmable input, dialog, retrieval, execution, and output rails to LLM applications, with built-in jailbreak and content safety checks.
-
Cloud security platform that discovers generative-AI use including shadow AI and inspects prompts and responses inline, applying DLP and guardrails to block data leakage and AI threats.
-
AI gateway and runtime firewall that screens LLM and agent traffic for injection attacks and data leaks, plus automated red teaming.
-
An enterprise platform that discovers, governs, and protects AI and AI agents across the enterprise, spanning homegrown AI, SaaS agents, and coding assistants.
-
Oasis
by Oasis Security
Non-human identity management platform that discovers, governs, and enforces least-privilege access for service accounts, secrets, and AI agents across hybrid cloud.
-
Onyx
by Onyx Security
Control plane that discovers sanctioned and shadow AI agents, monitors prompts and agent actions in real time, and enforces security and governance policies across enterprise AI use.
-
OpenAI Guardrails
by OpenAI
Safety framework that validates LLM app inputs and outputs with configurable checks, plus open-weight gpt-oss-safeguard policy classifiers.
-
Operant AI Gatekeeper
by Operant AI
Runtime defense that secures live AI apps and agentic workflows, addressing data leakage and rogue agents with in-line redaction and MCP threat blocking.
-
Orca
by Orca Security
Agentless AI security posture management in the Orca cloud platform that discovers AI models including shadow AI, inventories them, and flags misconfigurations and exposed data.
-
Discovers shadow AI agents across endpoints and browsers, monitors agent sessions through an edge proxy, and alerts on unsanctioned usage and sensitive data.
-
Palo Alto AI-SPM
by Palo Alto Networks
AI security posture management in Prisma Cloud that discovers and inventories AI models and applications, classifies sensitive training and inference data, and flags data exposure and model risk.
-
AI security guardrails that inspect prompts, responses, and agent activity to block prompt injection, redact sensitive data, and stop malicious content across LLM and agent traffic.
-
LLM evaluation and guardrails platform whose point-in-time evaluators detect prompt injection, toxicity, PII, and harmful or hallucinated content in LLM inputs and outputs.
-
Permiso AI Security
by Permiso Security
Capability of the Permiso identity platform that discovers AI agents, attributes runs and tool calls to identities, and detects anomalous agent behavior in real time.
-
Pillar
by Pillar Security
AI security platform for the agentic workforce that inventories agents, models, and MCP servers, red-teams them, and runs adaptive runtime guardrails to block prompt attacks and data egress.
-
AI gateway and control plane that routes requests across many LLM providers and runs guardrails on inputs and outputs to catch prompt injection, PII leaks, and unsafe content.
-
Prisma AIRS
by Palo Alto Networks
Palo Alto Networks’ AI security platform; its AI Runtime Security inspects prompts and responses inline to block prompt injection, data leakage, and unsafe model output.
-
Runtime GenAI security that screens employee AI use, homegrown LLM apps, and agents for prompt injection, data leakage, and shadow AI, with inline blocking and redaction.
-
Open-source CLI and library for evaluating and red-teaming LLM applications, generating application-specific attacks such as prompt injections, jailbreaks, and data and PII leaks.
-
Proofpoint Unified AI Security
by Proofpoint
Runtime visibility and policy enforcement for employee GenAI use, autonomous agents, and MCP servers, built on the acquired Acuvity technology.
-
A unified platform that secures the AI lifecycle: model scanning (Guardian), automated red teaming (Recon), and runtime protection (Layer).
-
Context security for agentic AI that sits between enterprise data and AI systems, applying role-based access and dynamic masking so agents see only the data each user is permitted at inference.
-
PyRIT
by Microsoft
Open-source Microsoft framework for automated and human-led AI red teaming, assessing the security and safety of generative AI systems with attack strategies, scenarios, and scoring.
-
Qualys TotalAI
by Qualys
Discovers and inventories AI and LLM workloads, then scans models for jailbreak, prompt injection, and other OWASP LLM Top 10 risks.
-
Realm Prism
by Realm Labs
Runtime observability that inspects model internals during inference to detect hallucinations, prompt injection, and policy drift in production AI calls.
-
SaaS security platform that discovers shadow AI tools and AI agents, monitors agent permissions and behavior, and governs generative AI usage across enterprise apps.
-
Enterprise AI security and red-teaming platform that discovers AI assets, runs adversarial attack simulations against models and apps, and adds runtime protection and MCP visibility.
-
Robust Intelligence
by Cisco
Algorithmic red teaming and runtime guardrails for AI models and apps: tests models against attacks and screens prompts, responses, and agent workflows. Now part of Cisco AI Defense.
-
Rubrik Agent Cloud
by Rubrik
Monitors enterprise AI agents, applies SAGE semantic guardrails in real time, and rewinds destructive agent actions.
-
MCP security gateway that vets servers and skills, screens each tool call for threats, and ties agent access to enterprise SSO with audit logs.
-
Data and AI security command center that discovers and classifies sensitive data across the enterprise and runs context-aware LLM firewalls over AI prompts, retrieval, and responses.
-
Static analysis platform that scans code regardless of who or what wrote it, with a Guardian mode and Multimodal AI that find and help fix vulnerabilities in AI-generated code as it lands.
-
Agentless DSPM that discovers, classifies, and governs sensitive data across the estate, including the training sets, RAG stores, and Copilot and Bedrock data that AI applications touch.
-
Developer-security platform, now positioned as an AI security fabric, that secures AI-generated code and the AI agents and tools used to build and run AI-native applications.
-
Sonatype Repository Firewall
by Sonatype
Identifies and blocks malicious open-source components before they enter development, with Hugging Face support extending that protection to AI/ML models.
-
Spectra Assure
by ReversingLabs
Scans AI and ML model files for malicious code as part of software supply chain analysis and lists detected models in an ML-BOM.
-
AI-native security for agentic apps and AI agents, pairing offensive red-team testing with runtime guardrails that detect and block prompt injection, data exfiltration, and agent manipulation.
-
Stytch Connected Apps
by Stytch
Authorization for AI agent and MCP workflows that connects agents to applications with consent management, scoped permissions, and admin allowlists.
-
Sweet AI Security Platform
by Sweet Security
Runtime detection and response for AI systems that inventories models and agents, blocks prompt injection through an AI gateway, and enforces least privilege for agents.
-
Tailscale Aperture
by Tailscale
AI gateway that authenticates users and agents with Tailscale identity, keeps provider API keys centralized, and tracks LLM usage and spend.
-
Teleport Beams
by Teleport
Runs AI agents in isolated Firecracker micro-VMs with built-in identity, per-beam access policy, and audited access to infrastructure and inference services.
-
Tenable AI Exposure
by Tenable
Discovers how employees and agents use AI platforms, surfaces shadow AI and misconfigurations, detects attacks such as prompt injection, and enforces AI acceptable use policies.
-
Security platform for AI agents and non-human identities that discovers and inventories them, maps their access and risk, and enforces intent-based least-privilege.
-
Endpoint AI security posture management that discovers the AI tools, agents, MCP servers, and skills running on devices, scores context-aware risk, and automates remediation.
-
Trend Vision One AI Application Security
by Trend Micro
Scans LLM applications for vulnerabilities before deployment and guards them at runtime, blocking prompt injection, data leakage, and unsafe output.
-
Tools that red team AI models at build time and apply a runtime firewall against prompt injection, data leakage, and rogue MCP servers.
-
Unified data and AI access governance platform that secures data across cloud and on-premises environments and governs autonomous AI agents.
-
Unity AI Gateway
by Databricks
Governance layer for model serving on Databricks with guardrails that filter PII and unsafe content, plus permissions, rate limits, request logging, and usage tracking.
-
Unity Catalog
by Databricks
Unified governance layer for Databricks data and AI that manages models, agent tools, and MCP connections as access-controlled objects, with fine-grained policies, column-level lineage, and audit.
-
Varonis Atlas
by Varonis
AI security platform that inventories AI and shadow AI, tests AI systems for prompt injection and other vulnerabilities, and enforces runtime guardrails via an in-path AI gateway.
-
Veza AI Agent Security
by Veza
Discovers AI agents and MCP servers across the enterprise, maps their access and human owners, and enforces least-privilege policies to reduce AI agent risk.
-
AI Agent Flight Recorder and Action Center capture a cross-application forensic audit trail of agent actions, surface behavioral anomaly findings, and route coordinated response.
-
Network-level AI security and governance platform that discovers AI apps, agents, and MCP servers, enforces use policies, and runs an AI firewall that blocks prompt injection and jailbreaks.
-
Wiz AI-SPM
by Wiz
Agentless AI security posture management that discovers AI pipelines, models, and data across clouds, then surfaces misconfigurations and attack paths to AI services.
-
WorkOS AuthKit
by WorkOS
OAuth 2.1 authorization server for MCP applications that handles agent authorization flows and token validation, enabling fine-grained authorization for agentic workflows.
-
Secures enterprise AI agents with discovery, posture management, and runtime detection and response across agent platforms.
-
Zero-trust platform that uncovers shadow AI, classifies and moderates AI prompts and responses inline, and enforces DLP to block sensitive data from leaving for generative-AI apps and tools.
No products match the current filters.
0 selected for comparison (up to 4, deselect to compare)