Security & Risk
Guardrails
Technical controls that constrain AI behavior to prevent unsafe, unauthorized, or non-compliant outputs and actions.
AI guardrails are technical controls applied to AI systems to keep their behavior within acceptable boundaries. Guardrails operate at multiple levels:
- Input guardrails: Prevent sensitive data from being sent to AI tools (DLP for AI, prompt filtering)
- Output guardrails: Filter or block AI responses that contain harmful, biased, or non-compliant content
- Action guardrails: Limit what AI agents can do (restricting tool access, requiring approval for high-risk actions)
- Policy guardrails: Enforce organizational rules (which users can access which AI tools, what data types are permitted)
Guardrails can be implemented by AI vendors (built into the model), by security tools (browser extensions, proxies, endpoint agents), or by the organization (workflow approvals, human review requirements).
Why it matters
Guardrails turn AI policies into technical enforcement. A policy that says 'don't share customer PII with AI tools' is only effective if there's a guardrail that detects and blocks PII before it reaches the model.