Block adversarial inputs before they reach the model.
Secure is the inbound layer of Cerberus. Every request is checked before it reaches an LLM. Start in observation mode — see your real risk surface — then turn on enforcement for the policies that matter. No agent rewrite, no SDK migration.
Prompt injection defense
Catches the most common attack patterns before they reach the model — direct jailbreaks, role overrides, system-prompt extraction attempts, and hostile instructions hidden inside documents the agent reads.
Sensitive-data scanning on inputs
Detects names, IDs, financial details, and health information in inbound prompts — across formats used in the US, EU, India, UK, Canada, and Australia. Validation goes beyond simple pattern-matching, so false positives stay low.
Custom data-loss patterns
Add your own regex or keyword rules — internal project codenames, customer IDs, supplier secrets — and we enforce them on inbound traffic. Updates push live without restarting anything.
Spend caps
Per-agent budget limits at five granularities so a runaway agent can't quietly burn through your LLM spend overnight. Every block produces an evidence record finance can read.
Runaway-loop detection
Catches agents stuck in a loop or being abused by an attacker. We watch the call rate against the agent's own baseline and a hard ceiling — whichever fires first.
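The two-trigger check described above, sketched as an added example: this is not Cerberus code, and the sliding window, EWMA baseline, multiplier and ceiling values are assumptions chosen for illustration. Sample traffic is constructed.

```python
from collections import deque


class LoopDetector:
    """Flags an agent when its call rate exceeds its own baseline or a hard ceiling."""

    def __init__(self, window_s=60, hard_ceiling=120, factor=4.0, alpha=0.2):
        self.window_s = window_s          # sliding window length (assumed)
        self.hard_ceiling = hard_ceiling  # absolute max calls per window (assumed)
        self.factor = factor              # allowed multiple of baseline (assumed)
        self.alpha = alpha                # EWMA smoothing weight (assumed)
        self.calls = {}                   # agent_id -> deque of call timestamps
        self.baseline = {}                # agent_id -> EWMA of calls per window

    def learn(self, agent_id, calls_in_window):
        """Fold one completed, known-good window into the agent's baseline."""
        prev = self.baseline.get(agent_id, float(calls_in_window))
        self.baseline[agent_id] = (1 - self.alpha) * prev + self.alpha * calls_in_window

    def check(self, agent_id, ts):
        """Record a call at ts (seconds); return the rule that fired, or None."""
        q = self.calls.setdefault(agent_id, deque())
        q.append(ts)
        while q[0] <= ts - self.window_s:  # evict calls that left the window
            q.popleft()
        rate = len(q)
        if rate > self.hard_ceiling:
            return "hard_ceiling"
        base = self.baseline.get(agent_id)  # agents with no baseline get the ceiling only
        if base is not None and rate > base * self.factor:
            return "baseline"
        return None


def first_alert(detector, agent_id, timestamps):
    """Replay timestamps; return (rule, ts) for the first call that trips a rule."""
    for ts in timestamps:
        rule = detector.check(agent_id, ts)
        if rule:
            return rule, ts
    return None


if __name__ == "__main__":
    d = LoopDetector()
    for count in (10, 12, 8):             # constructed history: about 10 calls/min
        d.learn("summarizer", count)
    burst = [n / 2 for n in range(200)]   # constructed loop: one call every 0.5 s
    print(first_alert(d, "summarizer", burst))
```

A low-volume agent trips the baseline rule long before the ceiling, while a high-volume agent whose baseline multiple sits above the ceiling is stopped by the ceiling instead.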
Instant kill-switch
One toggle stops all traffic from a specific agent, model, or rule violation in real time. Used during an active incident — block first, investigate after.