llmthreat
For vendors 21 vendors · 10 tools Matrix Vendors

Lakera is a Guardrails / LLM Firewall vendor based in Zurich, Switzerland (research hubs Zurich + San Francisco). Its flagship product is Lakera Guard (runtime), Lakera Red (red teaming); Gandalf educational tool. Against the OWASP LLM Top 10 (2025) we score it Covered on 8 of 10 risks, Partial on 2, with 6 MITRE ATLAS techniques mapped as of . It now operates under Check Point Software.

8/10
Risks covered
2
Partial
6
ATLAS techniques
~$30M total (incl. $20M Series A)
Funding
Acquired
Status

At a glance

Category
Guardrails / LLM Firewall
Headquarters
Zurich, Switzerland (research hubs Zurich + San Francisco)
Founded
2021
Employees
51-100 (approx)
Flagship product
Lakera Guard (runtime), Lakera Red (red teaming); Gandalf educational tool
Deployment
SaaS API + self-hosted/on-prem guardrail
Best for
Real-time prompt-injection and content guardrails for GenAI/agentic apps, plus pre-deployment red teaming
Funding to date
~$30M total (incl. $20M Series A)
Last round
Series A ($20M) · 2024-07
Status
Acquired by Check Point Software

Facts as of .

What does Lakera do?

Made its name catching prompt injection in real time; Lakera Guard and Lakera Red now anchor Check Point's AI security line. It ships as SaaS API + self-hosted/on-prem guardrail, and it's built for real-time prompt-injection and content guardrails for GenAI/agentic apps, plus pre-deployment red teaming. It's a weaker fit for model-file supply-chain scanning or ML artifact integrity (explicitly out of runtime scope).

Which OWASP LLM Top 10 risks does Lakera cover?

Lakera's strongest verdict is LLM01Prompt Injection. The two tables below come from our editorial read of Lakera's public documentation as of — it's what the docs support, not a hands-on lab test — and this row also sits in the full matrix across all 21 vendors.

OWASP LLM Top 10 (2025) coverage — as of 2026-07-13
OWASP LLM Risk What it is Lakera coverage How it's addressed Source
LLM01 Prompt Injection User or hidden input overrides the model's rules or intended behavior. Covered Prompt Attack detector identifies direct, indirect, and jailbreak attempts in real time. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM02 Sensitive Information Disclosure The model leaks secrets, personal data, or proprietary content in its output. Covered PII detection and custom guardrails protect proprietary data at runtime. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM03 Supply Chain Compromised models, datasets, plugins, or dependencies add risk before runtime. Partial Vendor marks supply chain as outside runtime scope; Lakera Red offers limited behavior evaluation. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM04 Data and Model Poisoning Tampered training or fine-tuning data corrupts how the model behaves. Covered Identifies poisoning triggers and backdoor activation (per vendor mapping). https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM05 Improper Output Handling Downstream systems trust model output without checking it, enabling injection or code execution. Covered Lakera Red tests for RCE/XSS/SQLi payloads; Guard detects suspicious output patterns. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM06 Excessive Agency An agent holds more permissions, tools, or autonomy than the task needs. Partial Primarily architectural; Lakera Red evaluates agent permission boundaries. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM07 System Prompt Leakage The system prompt or the secrets inside it get exposed to users. Covered Real-time system-prompt extraction prevention and systematic testing. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM08 Vector and Embedding Weaknesses Flaws in RAG stores let attackers poison, extract, or infer data. Covered Guard protects RAG/vector data at runtime (Red testing scope limited). https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM09 Misinformation The model produces false or fabricated content that users act on. Covered Content moderation and factuality evaluation capabilities. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM10 Unbounded Consumption Uncontrolled requests drive cost, denial of service, or model extraction. Covered Detects suspicious usage patterns and resource-exhaustion attacks. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
MITRE ATLAS coverage — as of 2026-07-13
ATLAS Technique (ID) Tactic Lakera coverage Notes Source
LLM Prompt Injection (AML.T0051) Initial Access / Execution Covered Core real-time prompt-injection detector. https://www.lakera.ai/blog/guide-to-prompt-injection
LLM Jailbreak (AML.T0054) Privilege Escalation / Defense Evasion Covered Guard blocks jailbreak attempts; Gandalf research feeds detections. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
LLM Data Leakage (AML.T0057) Exfiltration Covered PII and proprietary-data detection at runtime. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
Extract LLM System Prompt (AML.T0056) Discovery Covered System-prompt extraction prevention. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
Craft Adversarial Data (AML.T0043) ML Attack Staging Covered Lakera Red simulates real-world adversarial attacks pre-deployment. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment
Poison Training Data (AML.T0020) Resource Development Partial Detects poisoning triggers/backdoor activation per vendor mapping. https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment

Is Lakera independent, and how is it funded?

Lakera was acquired by Check Point Software for ~$300M (widely reported; not officially disclosed by Check Point) (2025-09; completed 2025-10-22) and now operates as a brand of Check Point Software. Packaging, pricing, and support can shift under new ownership, so confirm current terms with Check Point Software before you buy.

Lakera alternatives

The closest alternatives we track in Guardrails / LLM Firewall are Enkrypt AI, Lasso Security, NeuralTrust. On the open-source side, Guardrails covers similar ground.

Frequently asked questions

What is Lakera used for?

Lakera is a Guardrails / LLM Firewall vendor. Its flagship product is Lakera Guard (runtime), Lakera Red (red teaming); Gandalf educational tool. It ships as SaaS API + self-hosted/on-prem guardrail, and it's built for real-time prompt-injection and content guardrails for GenAI/agentic apps, plus pre-deployment red teaming.

Is Lakera independent or acquired?

Lakera was acquired by Check Point Software and now operates as a subsidiary, as of 2026-07-13.

How many OWASP LLM Top 10 risks does Lakera cover?

We score Lakera as Covered on 8 of the ten OWASP LLM Top 10 (2025) risks, with 2 more Partial, as of 2026-07-13. The table on this page breaks down every risk, including the ones marked Not covered or Unverified.

How is Lakera deployed?

Lakera ships as SaaS API + self-hosted/on-prem guardrail.

What are the best alternatives to Lakera?

The closest Guardrails / LLM Firewall alternatives llmthreat tracks are Enkrypt AI, Lasso Security, NeuralTrust. On the open-source side, Guardrails covers similar ground.

Last verified . Sources: https://www.checkpoint.com/press-releases/check-point-acquires-lakera-to-deliver-end-to-end-ai-security-for-enterprises/, https://www.calcalistech.com/ctechnews/article/rj5bc1vige, https://www.prnewswire.com/news-releases/lakera-raises-20m-series-a-to-secure-generative-ai-applications-302204874.html, https://www.lakera.ai/blog/owasp-top-10-for-llm-applications-lakera-alignment, https://www.marketscreener.com/news/check-point-software-technologies-ltd-completed-the-acquisition-of-lakera-ai-ag-ce7d5dd2dc80f22d. Funding and repo figures are third-party and go stale. Re-verify before you rely on them.
Informational, not professional security advice — verify Lakera's claims and threat coverage against the official OWASP and MITRE sources and the vendor directly before making a purchasing or security decision. OWASP, MITRE, and the listed vendors and maintainers do not endorse llmthreat.com.