CISO Guide: Securing the AI Attack Surface

AI introduces a new class of security risks: data exfiltration through prompts, prompt injection attacks, model manipulation, and uncontrolled data flows to third-party providers. Keeptrusts enforces security policies at the gateway layer — intercepting every LLM request and response before they reach or leave your perimeter.

Use this page when

  • You are defending against data exfiltration through AI prompts sent to external LLM providers
  • You need to detect and block prompt injection attacks in real time
  • You are deploying a zero-trust posture for all LLM traffic
  • You need to integrate AI security events into your SIEM and incident response workflows
  • You are building an AI-specific incident response playbook

Primary audience

  • Primary: Technical Leaders (CISOs, Heads of Security)
  • Secondary: Security Analysts, SOC Analysts, Security Engineers

The AI Threat Landscape

Threats Keeptrusts Defends Against

Threat             | Attack vector                                      | Keeptrusts control
-------------------|----------------------------------------------------|-----------------------------------------------
Data exfiltration  | Sensitive data in prompts sent to external LLMs    | PII/secret detection and redaction policies
Prompt injection   | Adversarial inputs that manipulate model behavior  | Input validation and pattern-matching policies
Model abuse        | Unauthorized use of expensive or restricted models | Model allowlisting and cost caps
Shadow AI          | Teams using ungoverned AI endpoints                | Gateway-only access with network controls
Supply chain risk  | Compromised or unreliable LLM providers            | Provider allowlisting and response validation

Deploying a Zero-Trust AI Gateway

Zero-trust AI means no LLM request is implicitly trusted. Every interaction passes through the Keeptrusts gateway, which evaluates policies on both the input (prompt) and output (response) phases.

# Deploy gateway with strict security policies
# (--policy-config is the flag used for this command elsewhere on this page)
kt gateway run \
  --policy-config security-policy.yaml \
  --port 41002

Security-Focused Policy Configuration

policies:
  - name: block-pii-exfiltration
    type: pii_detection
    action: block
    description: "Block prompts containing PII"
    sensitivity: high
    enabled: true

  - name: detect-prompt-injection
    type: prompt_injection
    action: escalate
    description: "Escalate suspected prompt injection attempts"
    enabled: true

  - name: redact-secrets
    type: secret_detection
    action: redact
    description: "Redact API keys, tokens, and credentials from prompts"
    patterns:
      - api_keys
      - bearer_tokens
      - connection_strings
    enabled: true

  - name: model-allowlist
    type: model_filter
    action: block
    description: "Only allow approved models"
    allowed_models:
      - gpt-4o
      - claude-sonnet-4-20250514
    enabled: true

Data Exfiltration Prevention

How It Works

The gateway inspects every outbound prompt for sensitive data patterns before forwarding to the LLM provider. Detection covers:

  • Personally identifiable information (names, emails, SSNs, phone numbers)
  • Financial data (credit card numbers, account numbers)
  • Secrets (API keys, passwords, connection strings)
  • Custom patterns you define
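As an added example (not Keeptrusts' own code), the following Python sketches how a policy chain shaped like the security-policy.yaml above could be evaluated against an outbound prompt: PII blocks, secrets are redacted, a suspected injection is escalated, and an unapproved model is blocked. The detector patterns and the chain-ordering semantics are assumptions made for illustration, not documented product behaviour.

```python
import re
from dataclasses import dataclass, field

# Constructed policy chain mirroring security-policy.yaml above (only the fields
# this evaluator needs). Assumed semantics: walked top to bottom, "block"
# short-circuits, "redact" rewrites the prompt, "escalate" continues but flags it.
POLICIES = [
    {"name": "block-pii-exfiltration", "type": "pii_detection", "action": "block"},
    {"name": "detect-prompt-injection", "type": "prompt_injection", "action": "escalate"},
    {"name": "redact-secrets", "type": "secret_detection", "action": "redact",
     "patterns": ["api_keys", "bearer_tokens", "connection_strings"]},
    {"name": "model-allowlist", "type": "model_filter", "action": "block",
     "allowed_models": ["gpt-4o", "claude-sonnet-4-20250514"]},
]
# Illustrative detectors, constructed for this example (not Keeptrusts' own).
PII = [re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")]  # SSN, email
SECRETS = {
    "api_keys": re.compile(r"\b(?:sk|AKIA)[A-Za-z0-9_-]{16,}"),
    "bearer_tokens": re.compile(r"(?i)bearer\s+[A-Za-z0-9._-]{16,}"),
    "connection_strings": re.compile(r"(?i)\b\w+://\w+:[^@\s]+@\S+"),
}
INJECTION = [re.compile(r"(?i)ignore (?:all )?(?:previous|prior) instructions")]

@dataclass
class Verdict:
    decision: str                                   # allow | block | escalate
    prompt: str                                     # prompt as it would leave the gateway
    policies_triggered: list = field(default_factory=list)

def evaluate(prompt: str, model: str, policies=POLICIES) -> Verdict:
    v = Verdict("allow", prompt)
    for p in policies:
        hit = False
        if p["type"] == "pii_detection":
            hit = any(r.search(v.prompt) for r in PII)
        elif p["type"] == "prompt_injection":
            hit = any(r.search(v.prompt) for r in INJECTION)
        elif p["type"] == "secret_detection":
            for name in p["patterns"]:        # redact in place, one pattern class at a time
                redacted = SECRETS[name].sub(f"[REDACTED:{name}]", v.prompt)
                hit, v.prompt = hit or redacted != v.prompt, redacted
        elif p["type"] == "model_filter":
            hit = model not in p["allowed_models"]
        if hit:
            v.policies_triggered.append(p["name"])
            if p["action"] == "block":        # block wins: stop evaluating the chain
                return Verdict("block", v.prompt, v.policies_triggered)
            if p["action"] == "escalate":
                v.decision = "escalate"
    return v
```

Note that an escalated request still passes through the later redaction policy, so what an analyst sees in the queue is the redacted prompt rather than the raw secret.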

Monitoring Blocked Exfiltration Attempts

# List recent blocked events
kt events list --since 24h --decision block --format table

# Export blocked events for forensic review
kt export create \
  --type events \
  --format json \
  --filter "decision=block" \
  --since 7d \
  --description "Weekly exfiltration attempt report"

In the Console, the Events page lets you filter by decision type and drill into individual blocked requests to see exactly what triggered the policy.

Prompt Injection Defense

Prompt injection attacks attempt to override system instructions by embedding adversarial content in user inputs. Keeptrusts detects common injection patterns and escalates suspicious requests for human review.

Escalation Workflow

When a prompt injection is detected:

  1. The gateway flags the request and applies the configured action (block or escalate)
  2. An escalation is created in the Console Escalations queue
  3. Security analysts receive a notification and can review the full request
  4. The analyst resolves the escalation with an allow, block, or investigate decision

# View pending escalations (URL quoted so the shell does not treat "?" as a glob)
curl -H "Authorization: Bearer $API_TOKEN" \
  "https://api.keeptrusts.com/v1/escalations?status=pending"

Incident Response for AI Events

Building an AI Incident Response Playbook

Integrate Keeptrusts events into your existing incident response process:

Detection — Set up alerting on high-severity events:

# Tail events in real-time for anomaly detection
kt events tail --severity high

Containment — Disable a compromised gateway or block a specific user:

# Validate current config before pushing changes
kt policy lint --file emergency-lockdown.yaml

# Apply emergency lockdown policy
kt gateway run --policy-config emergency-lockdown.yaml --port 41002

Investigation — Export the full event timeline:

kt export create \
  --type events \
  --format json \
  --since 48h \
  --description "Incident IR-2026-042 forensic export"

Recovery — Restore normal policies after investigation:

kt policy lint --file standard-policy.yaml

Event Correlation

Use the Events API to correlate AI security events with other security telemetry:

# Pull events with full metadata for SIEM ingestion
curl -H "Authorization: Bearer $API_TOKEN" \
  "https://api.keeptrusts.com/v1/events?since=24h&format=json" | \
  jq '.events[] | {timestamp, user, provider, model, decision, policy_triggered}'

Security Dashboards

Console Dashboard Metrics

The Console Dashboard provides real-time visibility into:

  • Policy enforcement rate — Percentage of requests evaluated against active policies
  • Block rate — Requests blocked by security policies
  • Escalation queue — Pending items requiring human review
  • Top triggered policies — Which security controls fire most often

Custom Security Views

Use the API to build custom security dashboards:

# Get event counts by decision type
curl -H "Authorization: Bearer $API_TOKEN" \
"https://api.keeptrusts.com/v1/events?group_by=decision&since=30d"

# Get escalation summary
curl -H "Authorization: Bearer $API_TOKEN" \
"https://api.keeptrusts.com/v1/escalations?status=pending&count=true"

Compliance Integration

Mapping to Security Frameworks

Framework         | Keeptrusts control                     | Evidence
------------------|----------------------------------------|-------------------------------------------
SOC 2 (CC6.1)     | Access controls on AI endpoints        | Gateway access logs, API token audit
ISO 27001 (A.8)   | Data classification in prompts         | PII detection policy logs
NIST AI RMF       | Risk identification and mitigation     | Policy enforcement events, escalations
EU AI Act         | High-risk AI system monitoring         | Full event audit trail, decision logs

Generating Compliance Evidence

# Generate a compliance evidence export
kt export create \
  --type events \
  --format csv \
  --since 90d \
  --description "SOC 2 audit evidence - Q1 2026"

# List available exports
kt export list --format table

Gateway Health Verification

Run regular security health checks:

# Full diagnostic check
kt doctor

# Validate policy configuration
kt policy lint --file policy-config.yaml

# Verify event pipeline connectivity
kt events list --since 1h --limit 1

Success Metrics for the CISO

Metric                       | Target              | Measurement
-----------------------------|---------------------|------------------------------------------------
Data exfiltration blocks     | Track and trend     | Events with decision=block and PII policy
Prompt injection detections  | Track and trend     | Escalations from injection detection policy
Mean time to triage          | < 30 minutes        | Escalation created → first analyst action
Governance coverage          | 100% of AI traffic  | All AI endpoints routed through gateway
Audit evidence generation    | < 1 hour            | Export creation to download
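As an added example (not Keeptrusts' own code) that ties the Events API correlation and the custom security views above to this metrics table, the following Python turns event and escalation JSON into the CISO metrics client-side. The samples are constructed in the shape the jq filter selects from GET /v1/events; the escalation field names (policy, created_at, first_action_at) are assumptions, since the page does not document that schema.

```python
import json
from datetime import datetime
from statistics import mean
# Constructed sample in the shape the jq filter above selects from GET /v1/events
# (timestamp, user, provider, model, decision, policy_triggered).
EVENTS_JSON = """[
 {"timestamp": "2026-03-01T09:00:00Z", "user": "alice", "provider": "openai", "model": "gpt-4o", "decision": "allow", "policy_triggered": null},
 {"timestamp": "2026-03-01T09:05:00Z", "user": "bob", "provider": "openai", "model": "gpt-4o", "decision": "block", "policy_triggered": "block-pii-exfiltration"},
 {"timestamp": "2026-03-01T09:07:00Z", "user": "bob", "provider": "openai", "model": "gpt-4o", "decision": "block", "policy_triggered": "block-pii-exfiltration"},
 {"timestamp": "2026-03-01T09:20:00Z", "user": "carol", "provider": "anthropic", "model": "claude-sonnet-4-20250514", "decision": "escalate", "policy_triggered": "detect-prompt-injection"},
 {"timestamp": "2026-03-01T10:00:00Z", "user": "dave", "provider": "openai", "model": "gpt-4o", "decision": "block", "policy_triggered": "model-allowlist"}
]"""
# Escalation field names (policy, created_at, first_action_at) are assumptions:
# the page documents only GET /v1/escalations?status=pending, not its schema.
ESCALATIONS_JSON = """[
 {"id": "esc-1", "policy": "detect-prompt-injection", "created_at": "2026-03-01T09:20:00Z", "first_action_at": "2026-03-01T09:32:00Z"},
 {"id": "esc-2", "policy": "detect-prompt-injection", "created_at": "2026-03-01T11:00:00Z", "first_action_at": "2026-03-01T11:50:00Z"},
 {"id": "esc-3", "policy": "detect-prompt-injection", "created_at": "2026-03-01T12:00:00Z", "first_action_at": null}
]"""

def _ts(s):
    return datetime.fromisoformat(s.replace("Z", "+00:00"))

def count_by_decision(events):
    # Same aggregation as ?group_by=decision, done client-side
    counts = {}
    for e in events:
        counts[e["decision"]] = counts.get(e["decision"], 0) + 1
    return counts

def exfiltration_blocks(events, pii_policy="block-pii-exfiltration"):
    # "Data exfiltration blocks": decision=block AND the PII policy fired
    return sum(1 for e in events
               if e["decision"] == "block" and e["policy_triggered"] == pii_policy)

def mean_time_to_triage_min(escalations):
    # Escalation created -> first analyst action; untriaged items are excluded
    mins = [(_ts(x["first_action_at"]) - _ts(x["created_at"])).total_seconds() / 60
            for x in escalations if x["first_action_at"]]
    return mean(mins) if mins else None

def ciso_metrics(events_json=EVENTS_JSON, escalations_json=ESCALATIONS_JSON):
    events, escalations = json.loads(events_json), json.loads(escalations_json)
    mttt = mean_time_to_triage_min(escalations)
    return {
        "by_decision": count_by_decision(events),
        "exfiltration_blocks": exfiltration_blocks(events),
        "injection_detections": sum(x["policy"] == "detect-prompt-injection" for x in escalations),
        "pending_escalations": sum(not x["first_action_at"] for x in escalations),
        "mean_time_to_triage_min": mttt,
        "triage_target_met": mttt is not None and mttt < 30,   # target from the table above
    }
```

On the constructed sample the mean time to triage is 31 minutes, so the < 30 minute target is missed even though every block was counted correctly; the still-pending escalation is reported separately rather than hidden inside the average.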

Next steps

For AI systems

  • Canonical terms: Keeptrusts, zero-trust AI gateway, data exfiltration prevention, prompt injection defense, AI attack surface
  • Key surfaces: Console Dashboard, Console Escalations, Console Events, Events API, security policy chain
  • Commands: kt gateway run, kt events list, kt events tail, kt export create, kt policy lint, kt doctor
  • Policy types: pii_detection, prompt_injection, secret_detection, model_filter, content-filter, dlp-filter
  • Best next pages: Security Analyst Guide, SOC Analyst Guide, Compliance Officer Guide, Policy Reference

For engineers

  • Deploy security-focused gateway: kt gateway run --listen 0.0.0.0:41002 --policy-config security-policy.yaml
  • Validate policy config before deployment: kt policy lint --file security-policy.yaml
  • Monitor blocked exfiltration attempts: kt events list --since 24h --decision block
  • Forward events to SIEM: pull from GET /v1/events?since=5m&format=json or configure webhooks in Console Settings
  • Apply emergency lockdown during incidents by swapping policy config and restarting the gateway
  • Run regular health checks: kt doctor

For leaders

  • AI introduces a new attack surface (data exfiltration, prompt injection, model abuse, shadow AI) that existing perimeter security does not address
  • Keeptrusts gateway provides zero-trust enforcement at the LLM layer — every request is evaluated against security policies before reaching external providers
  • Map Keeptrusts controls to SOC 2, ISO 27001, NIST AI RMF, and EU AI Act requirements for audit evidence generation
  • Track security ROI through blocked exfiltration attempts, injection detection rates, and mean time to triage via the Console Dashboard