Eight security layers unified into one platform to protect every AI agent.
Two complementary systems that analyze every prompt and every LLM response in real time.
Layer 0: Pattern matching — regex-based detection of known injection patterns in under 1ms.
Layer 1: Weighted risk scoring — 15+ heuristics evaluate prompt structure, entropy, and suspicious patterns in under 50ms.
Layer 2: Local Ollama LLM — for ambiguous cases, a local model classifies intent in 1-5 seconds. Never blocks the pipeline.
An HTTP reverse proxy that sits between your agent and any LLM API (OpenAI, Anthropic, etc.). It intercepts every response, measures latency, extracts token counts, computes cost across 16 model pricing tiers, and enforces block rules before the response reaches the agent.
Supports trace correlation — every request/response pair is linked to the originating agent session for full end-to-end visibility.
Every security event produces an immutable record that satisfies the strictest regulatory auditors.
Every audit record is checksummed and chained to the previous entry. Tampering with any record breaks the chain, and Sentinel detects it automatically on every read.
Records are written to both the primary database and an append-only backup. The schema enforces INSERT-only — no UPDATE, no DELETE operations are permitted.
If a hash chain break is detected, Sentinel immediately fires a webhook alert (Slack, Discord, email) and logs the tamper event with full forensic context.
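The checksum chain and read-time tamper check described above, as an added example (not Sentinel's own code). The record fields, the use of SHA-256 and the all-zero genesis value are assumptions, since the page does not specify them.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value for the first record's prev_hash


def digest(prev_hash, event):
    # Canonical JSON (sorted keys, fixed separators) so the same event
    # always hashes to the same bytes.
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()


def append(log, event):
    """INSERT-only write: link the new record to the previous checksum."""
    prev_hash = log[-1]["hash"] if log else GENESIS
    record = {"event": event, "prev_hash": prev_hash,
              "hash": digest(prev_hash, event)}
    log.append(record)
    return record


def verify(log, expected_head=None):
    """Return None if the chain is intact, else the index of the first bad record.

    expected_head is the last hash stored out of band (for example in the
    append-only backup); without it, truncating the tail goes unnoticed.
    """
    prev_hash = GENESIS
    for i, rec in enumerate(log):
        if rec["prev_hash"] != prev_hash:
            return i          # record removed, reordered or inserted
        if rec["hash"] != digest(prev_hash, rec["event"]):
            return i          # record content edited after write
        prev_hash = rec["hash"]
    if expected_head is not None and prev_hash != expected_head:
        return len(log)       # tail truncated or replaced
    return None


def build_sample_log():
    # Constructed sample events, not real Sentinel output.
    log = []
    append(log, {"agent": "agent-1", "type": "prompt_blocked", "rule": "api_key"})
    append(log, {"agent": "agent-1", "type": "honeypot_access", "path": "~/.honeypot/.env"})
    append(log, {"agent": "agent-2", "type": "pii_outbound", "channel": "slack"})
    return log
```

An edit that also recomputes the edited record's own checksum is still caught one record later, because the next record's prev_hash no longer matches.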
Sentinel patches LLM frameworks at import time. No SDK, no decorators, no middleware.
Sentinel's sitecustomize.py hook automatically monkey-patches these frameworks at import time:
Python's sitecustomize.py runs before any user code. Sentinel installs a persistent hook that intercepts import openai, import anthropic, and import langchain at the module level.
Every API call is transparently routed through the policy engine and LLM proxy — capturing prompts, responses, tokens, latency, and cost. The developer changes zero lines of code.
Real-time visibility and control over every AI agent in your infrastructure.
Overview, Live Events, Traces, Breach Monitor, Block Rules, Settings — all in one real-time SSE-powered interface. Click any event to inspect the full prompt/response payload.
Send alerts to Slack, Discord, email, or any webhook endpoint. Configure severity thresholds, vertical filters, and rate limiting.
Keyword, regex, recipient, and channel block rules. Seed defaults for passwords, API keys, SSNs, credit card numbers. Manage via CLI or dashboard.
Decoy files at ~/.honeypot/.env, .aws/credentials, .ssh/id_rsa. Any file access triggers an immediate high-severity alert with process forensics.
Non-root, read-only rootfs, cap_drop: ALL, no-new-privileges, custom seccomp profile. 9-point verification script validates every security control.
The message_sending hook intercepts outbound messages to Telegram, WhatsApp, Discord, and Slack. Block rules prevent PII, credentials, and sensitive data from reaching external channels.
Pre-built classifiers for regulated industries. Each vertical detects domain-specific compliance violations with tagged regulatory frameworks.
12 breach types — unauthorized transactions, PCI data exposure, insider trading signals, KYC violations, AML red flags, and more.
Compliance tags: PCI-DSS, SOX, GDPR
14 breach types — PHI exposure, unauthorized access to medical records, treatment recommendation without consent, substance abuse data leaks, and more.
Compliance tags: HIPAA, 42 CFR Part 2
14 breach types — trial data modification, unblinding events, adverse event suppression, GMP violations, electronic signature failures, and more.
Compliance tags: FDA 21-CFR Part 11, ICH-E6, GMP
Install in minutes. Zero code changes. Every agent monitored. Every breach logged.