Security for the teams shipping AI.
Evidence-first prompt & agent security.
Aegis detects prompt injection, recovers hidden image payloads, and stress-tests your AI against evolving evasions — returning evidence and remediation, not just an unexplained risk score.
The security layer AI teams were missing.
Most security tooling — SIEMs, WAFs, DLP — was built for structured traffic. LLM inference is unstructured, and its failure modes are different: prompt injection, indirect injection through retrieved context, payloads hidden inside images, and jailbreaks that shift faster than static rules.
Aegis was built to close that gap. It analyzes prompts and image carriers, recovers the actual evidence behind a finding, explains why it scored the way it did, and runs adversarial benchmarks so teams can harden defenses before attackers do.
Your entire AI attack surface, in one view.
The Aegis dashboard gives security and ML teams a live view of scan volume, severity distribution, and the highest-risk findings across every prompt, image, and agent run.
Every signal that matters, unified.
A full suite of detection and red-team modules, each built around a real LLM failure mode — and each one returns recoverable evidence, not just a number.
Prompt Injection Detection
Flags direct and indirect injection across inputs — including multi-turn sequences, retrieved-context injection, and instruction-override patterns.
Shipped
NLP Threat Analysis
Semantic NLP engine that reads intent — catching jailbreaks, policy-violating requests, and obfuscated instructions that simple keyword or regex filters miss.
Shipped
Hidden Payload & Steganography
Recovers payloads from PNG metadata, appended/trailing bytes, and PNG/BMP LSB channels, with chi-square anomaly checks — then re-scans recovered text.
Shipped
Red Team Mode
Generates evolving adversarial prompts to probe your model, surfaces successful evasions, and exports them as regression cases so defenses keep improving.
Shipped
Adversarial RL Engine
The reinforcement-learning core behind red-team mode — 7 mutation families (role override, obfuscation, multilingual, emoji/unicode, sandwiching, tool-use coercion, exfil framing) with a full per-step trace.
Shipped
Explainable Scoring
Surfaces score drivers, evidence-vs-suspicion distinction, and OWASP LLM references so every finding carries context and remediation.
Shipped
Scan History & Replay
Tenant-scoped scan history with severity, mode, and time filters, a detail drawer with reasoning, and one-click replay — IDOR-guarded by design.
Shipped
Agent Orchestration (ADK)
Env-gated Google ADK orchestrator exposing typed tools. Reports are grounded only in tool outputs and cite their evidence — no invented findings.
Preview
Everything a security team needs, in one engine.
Aegis is more than a scanner — it's a workflow. From first scan to a tracked, replayable security posture.
Command Center
A live dashboard of scan volume, severity distribution, and your highest-risk findings across prompts, images, and agent runs.
Prompt Scanner
Submit a prompt or conversation and get an explained verdict — risk score, severity, reason codes, and remediation in under a second.
Image & Stego Lab
Inspect image carriers for hidden instructions — metadata, trailing bytes, LSB channels, and chi-square anomalies, with recovered text re-scanned.
Red Team Runner
Launch adversarial RL runs against your model, watch the per-step mutation trace, and see exactly where defenses hold or break.
Scan History
Every scan is logged, filterable by severity, mode, and time, with a detail drawer for reasoning and one-click replay — tenant-scoped.
Threat Memory
Successful evasions are saved as regression cases, so a vulnerability you find once is something you test for every time after.
Reports & Export
Generate evidence-backed reports and export findings — including regression packs — for audits, stakeholders, and CI pipelines.
Agent Orchestration · preview
An env-gated ADK orchestrator that calls Aegis tools and produces grounded, cited reports — never inventing findings beyond tool outputs.
From input to evidence-backed report.
Submit a prompt, image, or agent run
Send input through the dashboard or the REST API. Text prompts, image carriers, and multi-turn conversations are all supported.
Detection runs in parallel
Aegis runs injection detection, hidden-payload recovery, statistical anomaly checks, and adversarial mutation — recovering the actual evidence behind each signal.
Act on the explained verdict
Get a 0–100 risk score, severity, recovered evidence, reason codes, and remediation — with full history and replay for every scan.
```json
{
  "scanId": "SCN-7F32-AE",
  "detected": true,
  "riskScore": 84,
  "severity": "CRITICAL",
  "carrierMethod": "png_metadata",
  "evidenceType": "recovered_text",
  "recoveredText": "ignore previous… exfiltrate keys",
  "owaspRef": "LLM01: Prompt Injection",
  "remediation": "strip metadata, sandbox tool calls",
  "latencyMs": 612
}
```
Start free. Scale when you ship.
Aegis is in early access. Request an invite to start on a genuinely free plan — no card required — and talk to us for team and enterprise needs.
Free
- Text prompt injection scanner
- Basic remediation guidance
- 250 scans / month

Pro
- Everything in Free
- Image & steganography scans
- Red team / RL adversarial runs
- NLP analysis, score reasoning & history · 10,000 scans/mo

Team
- Everything in Pro
- Multi-user workspace & roles
- Threat Memory & scheduled scans
- Report export & API keys · 100,000 scans/mo

Enterprise
- Everything in Team
- SSO / SAML / OIDC & RBAC
- Private GCP / VPC deployment
- Audit logs, tenant isolation & custom SLA

AI Prompt Injection & Hidden Payload Assessment
A hands-on engagement: we red-team your AI application against injection, steganographic payloads, and agent-tool abuse, then deliver an evidence-backed report with remediation.
Compare plans
| Feature | Free (early access) | Pro ($49/mo) | Team (contact) | Enterprise (custom) |
|---|---|---|---|---|
| Detection | | | | |
| Prompt injection scanner | ✓ | ✓ | ✓ | ✓ |
| Remediation guidance | ✓ | ✓ | ✓ | ✓ |
| Detailed score reasoning | — | ✓ | ✓ | ✓ |
| Unicode / emoji / multilingual (NLP) | — | ✓ | ✓ | ✓ |
| Saved scan history & replay | — | ✓ | ✓ | ✓ |
| Image & steganography scans | — | ✓ | ✓ | ✓ |
| Red team & testing | | | | |
| Red team / RL adversarial runs | — | ✓ | ✓ | ✓ |
| Threat Memory | — | — | ✓ | ✓ |
| Scheduled scans | — | — | ✓ | ✓ |
| Report export | — | — | ✓ | ✓ |
| Workflow & limits | | | | |
| Monthly scans included | 250 | 10,000 | 100,000 | Custom |
| Multi-user workspace | — | — | ✓ | ✓ |
| Multiple API keys | — | — | ✓ | ✓ |
| Security & deployment | | | | |
| SSO / SAML / OIDC & RBAC | — | — | — | ✓ |
| Audit logs & tenant isolation | — | — | — | ✓ |
| Private GCP / VPC deployment | — | — | — | ✓ |
| SLA & dedicated support | Community | Priority | Custom SLA | |
Evidence over marketing claims.
We don't ship testimonials we can't stand behind. We ship detectors, traces, and reports you can verify yourself.
Modules shipped
Injection, NLP analysis, steganography, red-team, RL engine, scoring, history, and ADK orchestration.
Hidden-payload carriers
Metadata, appended bytes, PNG & BMP LSB, plus chi-square anomaly detection.
Mutation families
Role override, obfuscation, multilingual, emoji/unicode, sandwiching, tool-use coercion, exfil framing.
LLM Top-10 aligned
Findings map to recognized LLM risk categories with cited references.
Let's talk AI security.
Whether you're exploring Aegis, have a technical question, or want to scope an assessment — reach us directly. We read every message.