PII, secrets, prompt protection

Data protection

One policy engine enabling enterprises to inspect, transform, or block sensitive data at every prompt, tool call, tool response, and answer. 

Works with both Barndoor LLM Gateway and MCP Governance.

You set the policies. Barndoor enforces them.

Prevent PII leaks, social engineering attempts, prompt injections, data exfiltration, and more.

LLM Gateway

LLM prompt

WHAT GETS CAUGHT

PII, credentials, API keys, sensitive data, and more

LLM response

WHAT GETS CAUGHT

Generated PII, policy violations, sensitive data in outputs, and more

MCP Governance

MCP tool input

WHAT GETS CAUGHT

Confidential data exfiltration, indirect prompt injection, malicious instructions, and more

MCP tool output

WHAT GETS CAUGHT

PII, confidential files, data exfiltration to third-party servers, and more

Enforce data protection across every prompt, tool call, and response

METHODOLOGY
How it works
Detects

Pattern-based

regex

Built-in classifiers for well-formed values, using regular expressions to match character combinations in strings.
  • credit card
  • SSN
  • phone
  • email
  • IBAN
  • API keys
  • IP address
  • Passport number
  • DOB
  • VIN

Model-based

transformer

Natural language classifiers that read surrounding context. The same mechanism powers prompt detection.
  • PII in context
  • prompt security
  • allow lists or overrides
  • insider threat signal
  • data exfiltration intent
  • social engineering attempts
  • jailbreak attempts

Custom

user-defined

Your own patterns or example-based rules for formats specific to your business. Configured in the policy editor.
  • internal IDs
  • order numbers
  • customer records
  • employee IDs
  • invoice numbers
  • SKU codes
  • policy numbers
  • membership IDs
  • ticket numbers
  • account numbers

Key capabilities

PII, secrets, injections under one policy

Detection groups bundle SSNs, cloud keys, API tokens, DB credentials, and prompt injection patterns into a single reusable rule you attach to any enforcement policy.

Enforce data policies across any LLM or MCP server

Data protection designed for agents, connected MCP, and any model.

Apply data policy by person, groups, and roles

Scope enforcement to specific groups and roles based on your identity provider.

Enterprise data protection across LLMs and MCPs

CAPABILITY
LLM Gateway
Detection & Redaction
  • PII & credential detection
  • Tokenize, mask, redact, omit
  • Custom detectors
  • Direct prompt injection & jailbreak detection
Who Policies Apply To
  • All users
  • Groups via IdP
  • Agents & service identities
Solution Scope
  • Per-model
MCP Governance
Detection & Redaction
  • PII & credential detection
  • Tokenize, mask, redact, omit
  • Custom detectors
  • Indirect prompt injection detection
Who Policies Apply To
  • All users
  • Groups via IdP
  • Agents & service identities
Solution Scope
  • Per-tool / per-MCP server
  • Metadata-condition policies

Detection & Redaction

Inspect prompts, responses, and tool I/O for sensitive content.
PII & credential detection
Regex + transformer detectors
Tokenize, mask, redact, omit
Per-field redaction options
Custom detectors
Your patterns or example-based rules
Direct prompt injection & jailbreak detection
User prompts to the model
Indirect prompt injection detection
Malicious instructions in tool/MCP responses

WHO POLICIES APPLY TO

Identity-aware scoping powered by your IdP.
All users
Groups via IdP
Okta, Azure AD, Google Workspace
Agents & service identities
Non-human callers, scoped credentials

SOLUTION SCOPE

Where each policy can target
Per-model
Different rules for all your LLM models
Per-tool / per-MCP server
Different rules per connected tool
Metadata-condition policies
Match on tool name, arguments, headers

Built for enterprise environments

Deploy Barndoor where you need it—with the architecture and controls your organization requires.

SaaS

Fully managed deployment for fast setup and ongoing updates.

Private Cloud

Deployed in your cloud environment to meet security and compliance requirements.

On-Prem

Run entirely within your infrastructure for maximum control and data residency.

Deploy enterprise AI agents with confidence

Start a free trial and get set up in minutes.