Security, compliance, and data protection. Learn how EvalGuard safeguards your AI evaluation data and meets enterprise security requirements.
Numbers are published, not claimed. Each link lands on a page with reproducible methodology.
Sub-3ms p95 across 20,000 runs. Per-layer breakdown, sample prompts, reproducible commands. Re-run on your hardware.
Per-tier uptime + p95 latency commitments + support response times. 99.95% on Enterprise, 99.5% on Pro.
Auditor utility: paste any downloaded Annex IV / SoA / audit-bundle / evidence row; the server recomputes the canonical SHA-256 hash and confirms tamper detection. No data stored.
Deep-dive references: regulator-specific control mappings, model + incident transparency.
5 categories of HIPAA controls (Administrative §164.308, Technical §164.312, AI-Specific, Breach §164.400-414, Privacy §164.500-534) with "what we ship" vs "your responsibility" columns. BAA on request.
All 33 frameworks we map controls against — OWASP, NIST AI RMF, EU AI Act, ISO 42001, ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, FedRAMP and more. Per-framework evidence bundles on request.
Public log of model + platform incidents, root-cause writeups, and remediation timelines. Transparency by default — not just post-mortems for the ones that hit the news.
Per-provider, per-model support matrix: what's tested, what passes p95, what's gated for production. 91 providers, 188 scorers, refreshed nightly.
Purpose-built security features for AI/LLM applications — not retrofitted from traditional AppSec.
Detect unauthorized AI usage across your org. Monitor which models employees use, flag PII in outbound prompts, and block unapproved providers in real time.
Discover all AI models deployed, map data flows, detect misconfigurations, and get a unified posture score with actionable recommendations.
Auto-analyze scan results, prioritize findings by risk, suggest step-by-step fixes with code examples, and map GDPR/HIPAA/OWASP compliance impact.
Automated adversarial testing with prompt injection, jailbreak, PII extraction, data exfiltration, and 42 attack strategies — mapped to OWASP LLM Top 10.
Real-time input/output scanning with PII redaction, injection detection, toxicity filtering, topic restriction, and content moderation.
Route LLM traffic through a secure proxy with DNS rebinding protection, rate limiting, cost tracking, and automatic trace logging.
EvalGuard is built to meet the most rigorous AI security and compliance standards.
Full coverage of all 10 LLM-specific vulnerability categories
Aligned with the NIST AI Risk Management Framework
Adversarial threat landscape coverage for AI systems
Aligned with EU AI Act risk assessment requirements
AI management system standard alignment
Aligned with India's Digital Personal Data Protection Act, 2023
Health Insurance Portability and Accountability Act compliance for healthcare AI
Enterprise-grade security built into every layer of the platform.
All data encrypted at rest and in transit. Bring Your Own Key (BYOK) supported for enterprise customers.
Prompts, responses, and evaluation data are never stored in plaintext. All sensitive fields are encrypted before persistence.
Granular RBAC with predefined roles (Admin, Editor, Viewer) and custom role support for enterprise plans.
Comprehensive audit trail for all user actions, API calls, and configuration changes with tamper-proof storage.
Flexible deployment options to meet your organization's requirements.
Deploy EvalGuard in your own infrastructure with our Helm charts and Docker images. Full air-gapped support.
Configurable data residency with region-specific storage. Choose from US, EU, or APAC regions.
All communication between components is encrypted using TLS 1.3. Internal service mesh uses mTLS.
We ship controls and evidence ahead of each audit. Here's exactly where every framework stands — shipped, in audit, or planned.
Independent audits land 2027 — controls + evidence ship first.
Our security team is available to discuss your requirements, provide compliance documentation, or schedule a security review.
security@evalguard.ai