Enkrypt AI is a Guardrails / LLM Firewall vendor based in Boston, USA. Its flagship product is Enkrypt AI platform (Agent Red Teaming, Agent Guardrails, AI Data Risk Audit, MCP Scanner/Gateway). Against the OWASP LLM Top 10 (2025) we score it Covered on 4 of 10 risks, Partial on 6, with 6 MITRE ATLAS techniques mapped as of . It's independent.
- 4/10
- Risks covered
- 6
- Partial
- 6
- ATLAS techniques
- $2.35M
- Funding
- Active
- Status
At a glance
- Category
- Guardrails / LLM Firewall
- Headquarters
- Boston, USA
- Founded
- 2022
- Employees
- 11-50
- Flagship product
- Enkrypt AI platform (Agent Red Teaming, Agent Guardrails, AI Data Risk Audit, MCP Scanner/Gateway)
- Deployment
- SaaS/API guardrails and gateway; enterprise deployments
- Best for
- Teams wanting combined red teaming plus runtime guardrails, hallucination detection and compliance evidence for LLM/agent apps
- Funding to date
- $2.35M
- Last round
- Seed · 2024-02
- Status
- Active
Facts as of .
What does Enkrypt AI do?
Pairs automated red teaming with runtime guardrails and model-risk audits in between, for teams that want offense and defense from one vendor. It ships as SaaS/API guardrails and gateway; enterprise deployments, and it's built for teams wanting combined red teaming plus runtime guardrails, hallucination detection and compliance evidence for LLM/agent apps. It's a weaker fit for buyers needing deep model-file supply-chain scanning or large-scale AI-SPM asset discovery.
Which OWASP LLM Top 10 risks does Enkrypt AI cover?
Enkrypt AI's strongest verdict is LLM01Prompt Injection. The two tables below come from our editorial read of Enkrypt AI's public documentation as of (it's what the docs support, not a hands-on lab test), and this row also sits in the full matrix across all 21 vendors.
| OWASP LLM Risk | What it is | Enkrypt AI coverage | How it's addressed | Source |
|---|---|---|---|---|
| LLM01 Prompt Injection | User or hidden input overrides the model's rules or intended behavior. | Covered | Guardrails detect/block prompt injection and jailbreaks; red teaming tests them. | https://www.enkryptai.com/ |
| LLM02 Sensitive Information Disclosure | The model leaks secrets, personal data, or proprietary content in its output. | Covered | Addresses data leakage and model inversion; AI Data Risk Audit examines sensitive data exposure. | https://www.enkryptai.com/ |
| LLM03 Supply Chain | Compromised models, datasets, plugins, or dependencies add risk before runtime. | Partial | MCP Scanner/Gateway secures Model Context Protocol; not full model-artifact supply-chain scanning. | https://www.enkryptai.com/ |
| LLM04 Data and Model Poisoning | Tampered training or fine-tuning data corrupts how the model behaves. | Partial | AI Data Risk Audit examines data, fine-tuning and embeddings for risk; live poisoning prevention less explicit. | https://www.enkryptai.com/ |
| LLM05 Improper Output Handling | Downstream systems trust model output without checking it, enabling injection or code execution. | Partial | Guardrails filter toxic/unsafe generated content before it reaches downstream systems. | https://www.enkryptai.com/ |
| LLM06 Excessive Agency | An agent holds more permissions, tools, or autonomy than the task needs. | Partial | Agent Policy Engine translates policies into guardrails and flags unmonitored agent actions. | https://www.enkryptai.com/ |
| LLM07 System Prompt Leakage | The system prompt or the secrets inside it get exposed to users. | Covered | Red-teaming documentation lists a dedicated 'system_prompt_extractions_test' category that attempts to extract the system prompt/internal instructions. | https://docs.enkryptai.com/get-started/redteam/introduction |
| LLM08 Vector and Embedding Weaknesses | Flaws in RAG stores let attackers poison, extract, or infer data. | Partial | AI Data Risk Audit examines embeddings; specific embedding-inversion defense not detailed. | https://www.enkryptai.com/ |
| LLM09 Misinformation | The model produces false or fabricated content that users act on. | Covered | Detects and monitors hallucinations and model drift; LLM Safety Leaderboard benchmarks robustness. | https://www.enkryptai.com/ |
| LLM10 Unbounded Consumption | Uncontrolled requests drive cost, denial of service, or model extraction. | Partial | MCP Servers Hosting product is documented with built-in rate limiting, and the company's agent-guardrails framework addresses resource-overload risks (prompt storms, runaway recursion) mapped to OWASP resource-overload risk, though not a comprehensive platform-wide unbounded-consumption control. | https://medium.com/enkrypt-ai/securing-ai-agents-a-comprehensive-framework-for-agent-guardrails-a75671e0d7c9 |
| ATLAS Technique (ID) | Tactic | Enkrypt AI coverage | Notes | Source |
|---|---|---|---|---|
| LLM Prompt Injection (AML.T0051) | Initial Access / Execution | Covered | Guardrails block and red teaming tests prompt injection. | https://www.enkryptai.com/ |
| LLM Jailbreak (AML.T0054) | Privilege Escalation / Defense Evasion | Covered | Continuous dynamic attacks and guardrails target jailbreaks. | https://www.enkryptai.com/ |
| Craft Adversarial Data (AML.T0043) | ML Attack Staging | Covered | Agent Red Teaming generates continuous adversarial attacks. | https://www.enkryptai.com/ |
| LLM Data Leakage (AML.T0057) | Exfiltration | Covered | Guardrails and data risk audit address data leakage and model inversion. | https://www.enkryptai.com/ |
| External Harms (AML.T0048) | Impact | Partial | Guardrails mitigate toxic content and brand/safety harms; audit-ready compliance evidence. | https://www.enkryptai.com/ |
| Erode ML Model Integrity (AML.T0031) | Impact | Partial | Hallucination and model-drift monitoring track degradation of model reliability. | https://www.enkryptai.com/ |
Is Enkrypt AI independent, and how is it funded?
Enkrypt AI is an independent company as of . It has raised $2.35M to date, most recently a Seed dated 2024-02. Lead investors: Boldcap.
Enkrypt AI alternatives
The closest alternatives we track in Guardrails / LLM Firewall are Lakera, Lasso Security, NeuralTrust. On the open-source side, Guardrails covers similar ground.
Frequently asked questions
What is Enkrypt AI used for?
Enkrypt AI is a Guardrails / LLM Firewall vendor. Its flagship product is Enkrypt AI platform (Agent Red Teaming, Agent Guardrails, AI Data Risk Audit, MCP Scanner/Gateway). It ships as SaaS/API guardrails and gateway; enterprise deployments, and it's built for teams wanting combined red teaming plus runtime guardrails, hallucination detection and compliance evidence for LLM/agent apps.
Is Enkrypt AI independent or acquired?
Enkrypt AI is an independent company as of 2026-07-13 and has not been acquired.
How many OWASP LLM Top 10 risks does Enkrypt AI cover?
We score Enkrypt AI as Covered on 4 of the ten OWASP LLM Top 10 (2025) risks, with 6 more Partial, as of 2026-07-13. The table on this page breaks down every risk, including the ones marked Not covered or Unverified.
How is Enkrypt AI deployed?
Enkrypt AI ships as SaaS/API guardrails and gateway; enterprise deployments.
What are the best alternatives to Enkrypt AI?
The closest Guardrails / LLM Firewall alternatives llmthreat tracks are Lakera, Lasso Security, NeuralTrust. On the open-source side, Guardrails covers similar ground.