The CalypsoAI platform is designed to secure bi-directional traffic between applications or users and generative AI (GenAI) models. It can also be used as an asynchronous API call for scanning content without involving a model.
Scanners on the CalypsoAI platform scan both content and data: outbound prompts are scanned, as are the responses returned by the LLM provider. The scanners can be deployed inline or out of band.
Each scanner is built to detect data for specific purposes or specific types of content, as shown below. It’s important to understand the use of large language models (LLMs) and GenAI and how they comprise a new, continually changing threat vector. CalypsoAI is committed to ensuring that our scanners are consistently updated to provide the most comprehensive protection.
CalypsoAI Out-of-the-Box Scanners
Our Out-of-the-Box Scanners include “packages” of multilayered, GenAI-powered scanners that search in CalypsoAI’s GenAI Scanning Engine for very specific, related content, as well as individual scanners that focus on a single element or topic.
When activating CalypsoAI, these Out-of-the-Box Scanners are ON by default and provide immediate protection that ensures approximately 80% security across standard needs. These scanners can be turned off/on at any time according to the user’s preference.
Scanner Packages
We have two scanner packages: the Prompt Injection Package and the PII Package, as shown below. Each scanner in a package searches for precisely targeted content. These scanners are updated routinely.
Combining these related scanners into packages enables them to deliver a comprehensive set of nuanced results. These scanners can be set to either block or audit content in prompts and responses.
Block mode prevents the scanned and flagged content from being sent to external models.
Audit mode reviews and flags the content, and sends it to the external models.
The scanners in the PII Package filter for a variety of information described as personally identifiable information (PII), including credit card numbers, birth dates, driver’s license numbers, email addresses, Internet Protocol (IP) addresses, and others.
The scanners in the Prompt Injection Package filter for indirect prompt injection attempts, adversarial attacks, and jailbreak attempts.
Note: For more information about the Scanner Packages, please see Configure GenAI Scanner Packages (Global).
Individual Scanners
Our individual content scanners detect and block or audit sensitive information and malicious content in prompts, and protect against malicious content in responses. Each scanner addresses a specific type of content.
Our policy scanners, shown below, are configurable to align with organizational norms and values.
Our audit scanners, shown below, review content to provide user insights and analytics.
Note: For more information about the Individual Scanners, please see Configure Individual Scanners (Global).
Custom Scanners
Custom Scanners are created by the customer and tailored to specific business needs, use cases, or time-limited situations. In creating their custom scanners, companies can increase their security from the initial 80% achieved with the Out-of-the-Box Scanners to achieve optimal control. Each scanner can be created, published, activated, and then used for as long as necessary. For example, a scanner created to detect the name of a confidential project, competitor, or acquisition can be activated and remain in use until the information is no longer considered confidential, at which time the scanner can be deleted or unpublished. Alternatively, a scanner created to detect specific company terminology can be activated and remain activated for the system’s lifespan.
Scanners are created and tested in the Playground before being activated to ensure they are fit for purpose and successfully detect the specified content. Custom Scanners can be duplicated, edited, or deleted at any time. When the edit feature is enabled, Custom Scanners are automatically deactivated, unpublished, and moved to the Playground.
Using the CalypsoAI Playground
The Playground is a secure space for developing and experimenting with custom scanners. The user creating the scanner names and describes it according to the specific prompt content it is intended to block or flag.
The user creating the scanner must test it against a model to ensure it detects the identified content according to the user’s intent, and to ensure the scanner is fit for purpose. When the scanner blocks a prompt or response, a message is displayed. The user creating the scanner can customize this message.
Note: For more information about building a custom scanner, please see Build and Test a Custom Scanner.
Publishing a Custom Scanner
After thorough testing, the user can publish the Custom Scanner, moving it from the Playground to the production, or live, environment. During the deployment phase, the creator or another admin configures the scanner action to Block or Audit, customizes the scanner response message, and then activates the scanner, enabling identified users (individuals, named groups, or the entire organization) to use it. Active Custom Scanners can be edited after unpublishing them, which returns them to the Playground.
Note: For more information about publishing and using a custom scanner, please see Deploy a Custom Scanner.
Summary of Methods