llmthreat
For vendors 21 vendors · 10 tools Matrix Vendors
Trust

How does llmthreat.com rate LLM-security vendor coverage? (2026 methodology)

llmthreat.com scores 21 vendors and 10 tools against the OWASP LLM Top 10 (2025) and MITRE ATLAS. Each risk cell reads Covered, Partial, Not covered, or Unverified. We assign it by hand from public documentation, and every cell carries a source. Vendor pages are re-verified every 4–6 weeks; tool metadata refreshes weekly. Last verified 2026-07-13.

What's for sale, and what never is

The directory pays for itself through labeled sponsorship, and independence is the whole reason it's worth reading — so the line is drawn in plain sight. Vendors can buy a verified profile, a clearly-labeled Featured placement, and a spot backing the annual report. They cannot buy a coverage cell, a ranking, or the removal of a "Not covered." Scores are assigned the same way whether a vendor pays or not. Every paid element is marked. If you ever see a score that seems to track a logo rather than the evidence, that's a bug worth reporting — the model only works if the rating stays honest. Sponsorship terms are on the sponsor page.

What earns a listing

A vendor is listed if it fits one of the six categories (AI Red Teaming, Guardrails / LLM Firewall, AI-SPM / Runtime Protection, AI Governance / Model Risk, Agentic AI Security, Open-Source Tools) and sells a product a buyer can price or deploy today. Acquired brands stay on the site, labeled with acquirer and deal, because buyers still shortlist those names. An open-source tool is listed if it has a public repository under an OSI-approved license and is built for LLM red-teaming, guardrails, or evaluation.

How a coverage cell gets its value

Each of the ten OWASP LLM risks gets one of four values:

  • Covered — public documentation clearly shows the product addresses the risk.
  • Partial — the product addresses one part of the risk, one attack path inside it, or the risk in a single deployment mode only.
  • Not covered — we checked and the capability is absent.
  • Unverified — the vendor may claim it, but we could not confirm it against a primary source, so we do not score it as a win.

Cells are an editorial read of public docs as of the page's verification date, not a hands-on lab test. Every non-Unverified cell carries a source.

Where the figures come from

Threat definitions come from the OWASP LLM Top 10 (2025). Techniques are referenced by MITRE ATLAS ID. Tool metadata (stars, last push, license) is pulled from the GitHub API. Funding, deal, and headquarters figures are third-party — company announcements, press coverage, PitchBook and Crunchbase — and each one is checked against a live source before it appears here. Anything we can't confirm shows as "Undisclosed" rather than a guess.

Why 4–6 weeks, not quarterly

Vendor rows are re-verified by hand on a 4-to-6-week cycle. That cadence is deliberate. This market changes hands monthly: in roughly a year, Protect AI went to Palo Alto Networks, Lakera to Check Point, CalypsoAI to F5, Prompt Security to SentinelOne, Robust Intelligence to Cisco, and Pangea to CrowdStrike. A quarterly refresh would leave the directory wrong for weeks at a time. If a page's Last verified date is more than six weeks old, treat its volatile figures as stale until re-confirmed.

Corrections

Found an error, or work at a listed vendor? Use the "Claim / update this profile" link on any vendor page. Every change is checked against a source before it goes live.

Last verified 2026-07-13. Sources: OWASP LLM Top 10 (2025), MITRE ATLAS, vendor documentation, GitHub API, PitchBook/Crunchbase. See the Data & Sources page for the full table.