llmthreat
For vendors 21 vendors · 10 tools Matrix Vendors

HiddenLayer is an AI-SPM / Runtime Protection vendor based in Austin, USA. Its flagship product is HiddenLayer AISec Platform (AI Discovery, Model Scanner, AIDR runtime, Automated Red Teaming). Against the OWASP LLM Top 10 (2025) we score it Covered on 3 of 10 risks, Partial on 6, with 7 MITRE ATLAS techniques mapped as of . It's independent.

3/10
Risks covered
6
Partial
7
ATLAS techniques
$56M
Funding
Active
Status

At a glance

Category
AI-SPM / Runtime Protection
Headquarters
Austin, USA
Founded
2022
Employees
101-250
Flagship product
HiddenLayer AISec Platform (AI Discovery, Model Scanner, AIDR runtime, Automated Red Teaming)
Deployment
SaaS, self-hosted, API/CI-CD; agentless and model-agnostic
Best for
Enterprises needing model file scanning plus non-invasive runtime detection across GenAI, predictive ML and agentic systems
Funding to date
$56M
Last round
Series A ($50M) · 2023-09
Status
Active

Facts as of .

What does HiddenLayer do?

Scans ML model files for tampering before they deploy, then watches them at runtime — the AISec Platform pairs a Model Scanner with AI detection and response. It ships as SaaS, self-hosted, API/CI-CD; agentless and model-agnostic, and it's built for enterprises needing model file scanning plus non-invasive runtime detection across GenAI, predictive ML and agentic systems. It's a weaker fit for teams wanting only a lightweight inline prompt firewall or open-source tooling.

Which OWASP LLM Top 10 risks does HiddenLayer cover?

HiddenLayer's strongest verdict is LLM01Prompt Injection. The two tables below come from our editorial read of HiddenLayer's public documentation as of (it's what the docs support, not a hands-on lab test), and this row also sits in the full matrix across all 21 vendors.

OWASP LLM Top 10 (2025) coverage — as of 2026-07-13
OWASP LLM Risk What it is HiddenLayer coverage How it's addressed Source
LLM01 Prompt Injection User or hidden input overrides the model's rules or intended behavior. Covered AIDR runtime guardrails enforce policies that prevent prompt injection and unsafe behavior in real time. https://www.hiddenlayer.com/aisec-platform/
LLM02 Sensitive Information Disclosure The model leaks secrets, personal data, or proprietary content in its output. Covered Runtime guardrails block sensitive data leakage; platform protects proprietary models, fine-tunes and datasets from exposure. https://www.hiddenlayer.com/aisec-platform/
LLM03 Supply Chain Compromised models, datasets, plugins, or dependencies add risk before runtime. Covered Model Scanner scans for malicious models, backdoored weights and vulnerable dependencies before deployment. https://hiddenlayer.com/model-scanner/
LLM04 Data and Model Poisoning Tampered training or fine-tuning data corrupts how the model behaves. Partial Detects backdoored/tampered model weights via scanning; training-data poisoning of live pipelines less explicitly addressed. https://hiddenlayer.com/model-scanner/
LLM05 Improper Output Handling Downstream systems trust model output without checking it, enabling injection or code execution. Partial AIDR / AI Runtime Security module inspects prompts and responses in real time and can block or redact unsafe/malicious model output before it reaches downstream systems (documented via LiteLLM integration and guardrails solution page), but not framed as a dedicated 'output handling/sanitization' feature. https://www.hiddenlayer.com/solutions/ai-guardrails
LLM06 Excessive Agency An agent holds more permissions, tools, or autonomy than the task needs. Partial Dedicated protections for autonomous agents and MCP-based systems, incl. preventing unauthorized tool usage. https://www.hiddenlayer.com/aisec-platform/
LLM07 System Prompt Leakage The system prompt or the secrets inside it get exposed to users. Partial AIDR detects sensitive-data extraction and adversarial prompt techniques; explicit system-prompt-leakage control not separately documented. https://docs.hiddenlayer.ai/docs/products/console/aidr_genai_sandbox
LLM08 Vector and Embedding Weaknesses Flaws in RAG stores let attackers poison, extract, or infer data. Partial AIDR discovers RAG corpora and checks data pipelines for poisoning/PII, and platform documentation states AI supply-chain coverage includes vector databases; no dedicated embedding-inversion/embedding-security control detailed. https://www.hiddenlayer.com/insight/integrating-ai-security-into-the-sdlc
LLM09 Misinformation The model produces false or fabricated content that users act on. Not covered No dedicated hallucination/misinformation detection feature found across AIDR platform pages; closest adjacent feature is 'Refusal Detection' which addresses guardrail-bypass/jailbreak detection, not hallucination. https://hiddenlayer.com/aidr/
LLM10 Unbounded Consumption Uncontrolled requests drive cost, denial of service, or model extraction. Partial Prevents model extraction/theft (mapped to Unbounded Consumption); explicit rate/DoS controls not documented. https://www.hiddenlayer.com/aisec-platform/
MITRE ATLAS coverage — as of 2026-07-13
ATLAS Technique (ID) Tactic HiddenLayer coverage Notes Source
LLM Prompt Injection (AML.T0051) Initial Access / Execution Covered AIDR guardrails detect and block prompt injection at runtime. https://docs.hiddenlayer.ai/docs/products/console/aidr_genai_sandbox
LLM Jailbreak (AML.T0054) Privilege Escalation / Defense Evasion Covered AIDR LLM Sandbox flags jailbreak tactics via MITRE ATLAS mapping in the console. https://docs.hiddenlayer.ai/docs/products/console/aidr_genai_sandbox
LLM Data Leakage (AML.T0057) Exfiltration Covered Runtime detection of sensitive-data extraction via inference interactions. https://www.hiddenlayer.com/aisec-platform/
ML Supply Chain Compromise (AML.T0010) Initial Access Covered Model Scanner detects malicious/backdoored models and vulnerable dependencies. https://hiddenlayer.com/model-scanner/
Backdoor ML Model (AML.T0018) Persistence Covered Scanning identifies backdoored weights and tampered artifacts. https://hiddenlayer.com/model-scanner/
Exfiltration via ML Inference API (AML.T0024) Exfiltration Partial Model theft/extraction protection maps to inference-API exfiltration. https://www.hiddenlayer.com/aisec-platform/
Craft Adversarial Data (AML.T0043) ML Attack Staging Partial Automated attack simulation/red teaming continuously probes with adversarial inputs. https://www.hiddenlayer.com/aisec-platform/

Is HiddenLayer independent, and how is it funded?

HiddenLayer is an independent company as of . It has raised $56M to date, most recently a Series A ($50M) dated 2023-09. Lead investors: M12 (Microsoft's Venture Fund), Moore Strategic Ventures.

HiddenLayer alternatives

The closest alternatives we track in AI-SPM / Runtime Protection are Apiiro, Cranium, Noma Security.

Frequently asked questions

What is HiddenLayer used for?

HiddenLayer is an AI-SPM / Runtime Protection vendor. Its flagship product is HiddenLayer AISec Platform (AI Discovery, Model Scanner, AIDR runtime, Automated Red Teaming). It ships as SaaS, self-hosted, API/CI-CD; agentless and model-agnostic, and it's built for enterprises needing model file scanning plus non-invasive runtime detection across GenAI, predictive ML and agentic systems.

Is HiddenLayer independent or acquired?

HiddenLayer is an independent company as of 2026-07-13 and has not been acquired.

How many OWASP LLM Top 10 risks does HiddenLayer cover?

We score HiddenLayer as Covered on 3 of the ten OWASP LLM Top 10 (2025) risks, with 6 more Partial, as of 2026-07-13. The table on this page breaks down every risk, including the ones marked Not covered or Unverified.

How is HiddenLayer deployed?

HiddenLayer ships as SaaS, self-hosted, API/CI-CD; agentless and model-agnostic.

What are the best alternatives to HiddenLayer?

The closest AI-SPM / Runtime Protection alternatives llmthreat tracks are Apiiro, Cranium, Noma Security.

Last verified . Sources: https://www.hiddenlayer.com/news/hiddenlayer-raises-50m-in-series-a-funding-to-safeguard-ai, https://techcrunch.com/2023/09/19/hiddenlayer-raises-50m-for-its-ai-defending-cybersecurity-tools/, https://www.hiddenlayer.com/aisec-platform/, https://hiddenlayer.com/model-scanner/, https://docs.hiddenlayer.ai/docs/products/console/aidr_genai_sandbox, https://www.crunchbase.com/organization/hiddenlayer. Funding and repo figures are third-party and go stale. Re-verify before you rely on them.
Informational, not professional security advice — verify HiddenLayer's claims and threat coverage against the official OWASP and MITRE sources and the vendor directly before making a purchasing or security decision. OWASP, MITRE, and the listed vendors and maintainers do not endorse llmthreat.com.