llmthreat
For vendors 21 vendors · 10 tools Matrix Vendors

NeuralTrust is a Guardrails / LLM Firewall vendor based in Barcelona, Spain. Its flagship product is NeuralTrust AI Gateway + TrustGuard/TrustLens/TrustTest. Against the OWASP LLM Top 10 (2025) we score it Covered on 4 of 10 risks, Partial on 5, with 6 MITRE ATLAS techniques mapped as of . It's independent.

4/10
Risks covered
5
Partial
6
ATLAS techniques
$20M (€17.2M seed)
Funding
Active
Status

At a glance

Category
Guardrails / LLM Firewall
Headquarters
Barcelona, Spain
Founded
2022
Employees
11-50
Flagship product
NeuralTrust AI Gateway + TrustGuard/TrustLens/TrustTest
Deployment
SaaS, self-hosted, or hybrid (split-plane)
Best for
Enterprises needing an infrastructure-level guardrail/gateway plus red teaming across many LLM apps and agents
Funding to date
$20M (€17.2M seed)
Last round
Seed · 2026-06
Status
Active

Facts as of .

What does NeuralTrust do?

An LLM gateway with teeth — runtime guardrails, posture checks, and red teaming behind a single front door for AI traffic. It ships as SaaS, self-hosted, or hybrid (split-plane), and it's built for enterprises needing an infrastructure-level guardrail/gateway plus red teaming across many LLM apps and agents. It's a weaker fit for teams wanting deep source-code/SDLC AppSec scanning; that is not its focus.

Which OWASP LLM Top 10 risks does NeuralTrust cover?

NeuralTrust's strongest verdict is LLM01Prompt Injection. The two tables below come from our editorial read of NeuralTrust's public documentation as of (it's what the docs support, not a hands-on lab test), and this row also sits in the full matrix across all 21 vendors.

OWASP LLM Top 10 (2025) coverage — as of 2026-07-13
OWASP LLM Risk What it is NeuralTrust coverage How it's addressed Source
LLM01 Prompt Injection User or hidden input overrides the model's rules or intended behavior. Covered TrustGate/TrustGuard detect and block prompt injection and jailbreaks; 150+ attack catalogue. https://neuraltrust.ai/
LLM02 Sensitive Information Disclosure The model leaks secrets, personal data, or proprietary content in its output. Covered DLP and data-protection guardrails; split-plane keeps data in policy boundary. https://neuraltrust.ai/
LLM03 Supply Chain Compromised models, datasets, plugins, or dependencies add risk before runtime. Partial Free MCP Scanner identifies vulnerabilities and misconfigurations (tool poisoning, RCE-chaining, data exfiltration) in MCP server setups — a narrow supply-chain-adjacent surface, not comprehensive model/dependency supply-chain scanning. https://neuraltrust.ai/mcp-scanner
LLM04 Data and Model Poisoning Tampered training or fine-tuning data corrupts how the model behaves. Partial TrustTest's red-teaming catalog explicitly tests 'Context poisoning' and the Echo Chamber attack, but this is runtime conversational/context poisoning rather than training-data or model-weight poisoning as defined by OWASP LLM04. https://neuraltrust.ai/red-teaming
LLM05 Improper Output Handling Downstream systems trust model output without checking it, enabling injection or code execution. Covered TrustGuard (inline enforcement engine within TrustGate) 'inspects every input and output, enforcing security decisions inline,' with dedicated content filtering/PII redaction applied to model outputs before they reach users or trigger downstream actions. https://neuraltrust.ai/llms-full.txt
LLM06 Excessive Agency An agent holds more permissions, tools, or autonomy than the task needs. Partial Tool-use permissions and agent posture management (TrustLens) constrain agent actions. https://neuraltrust.ai/
LLM07 System Prompt Leakage The system prompt or the secrets inside it get exposed to users. Partial TrustTest's documented taxonomy of tested failure modes explicitly includes 'System-prompt extraction' — a testing/detection capability rather than an explicit dedicated runtime-blocking control. https://neuraltrust.ai/red-teaming
LLM08 Vector and Embedding Weaknesses Flaws in RAG stores let attackers poison, extract, or infer data. Not covered No vector/embedding security capability documented across gateway, red-teaming, or the full product-overview page. https://neuraltrust.ai/llms-full.txt
LLM09 Misinformation The model produces false or fabricated content that users act on. Covered 'Hallucination' is explicitly listed in TrustTest's documented taxonomy of tested failure modes/attacks. https://neuraltrust.ai/red-teaming
LLM10 Unbounded Consumption Uncontrolled requests drive cost, denial of service, or model extraction. Partial Gateway (TrustGate) enforces policy at scale (20K rps/node); rate-limit style controls implied but not detailed. https://neuraltrust.ai/
MITRE ATLAS coverage — as of 2026-07-13
ATLAS Technique (ID) Tactic NeuralTrust coverage Notes Source
LLM Prompt Injection (AML.T0051) Initial Access / Execution Covered Runtime detection and blocking of prompt injection. https://neuraltrust.ai/
LLM Jailbreak (AML.T0054) Defense Evasion Covered Jailbreak detection in attack catalogue. https://neuraltrust.ai/
LLM Data Leakage (AML.T0057) Exfiltration Covered DLP guardrails to prevent data leakage. https://neuraltrust.ai/
LLM Plugin Compromise (AML.T0053) Execution Partial Tool-use permissions limit plugin/tool abuse. https://neuraltrust.ai/
Craft Adversarial Data (AML.T0043) ML Attack Staging Partial TrustTest runs adversarial red-team attacks. https://neuraltrust.ai/
Denial of ML Service (AML.T0029) Impact Unverified Gateway scale implies some abuse control; not confirmed. None found

Is NeuralTrust independent, and how is it funded?

NeuralTrust is an independent company as of . It has raised $20M (€17.2M seed) to date, most recently a Seed dated 2026-06. Lead investors: Alstin Capital, VentureFriends.

NeuralTrust alternatives

The closest alternatives we track in Guardrails / LLM Firewall are Enkrypt AI, Lakera, Lasso Security. On the open-source side, Guardrails covers similar ground.

Frequently asked questions

What is NeuralTrust used for?

NeuralTrust is a Guardrails / LLM Firewall vendor. Its flagship product is NeuralTrust AI Gateway + TrustGuard/TrustLens/TrustTest. It ships as SaaS, self-hosted, or hybrid (split-plane), and it's built for enterprises needing an infrastructure-level guardrail/gateway plus red teaming across many LLM apps and agents.

Is NeuralTrust independent or acquired?

NeuralTrust is an independent company as of 2026-07-13 and has not been acquired.

How many OWASP LLM Top 10 risks does NeuralTrust cover?

We score NeuralTrust as Covered on 4 of the ten OWASP LLM Top 10 (2025) risks, with 5 more Partial, as of 2026-07-13. The table on this page breaks down every risk, including the ones marked Not covered or Unverified.

How is NeuralTrust deployed?

NeuralTrust ships as SaaS, self-hosted, or hybrid (split-plane).

What are the best alternatives to NeuralTrust?

The closest Guardrails / LLM Firewall alternatives llmthreat tracks are Enkrypt AI, Lakera, Lasso Security. On the open-source side, Guardrails covers similar ground.

Last verified . Sources: https://neuraltrust.ai/, https://neuraltrust.ai/about, https://www.eu-startups.com/2026/06/barcelona-based-neuraltrust-raises-e17-2-million-to-secure-and-govern-enterprise-ai-agents/, https://www.crunchbase.com/organization/neuraltrust. Funding and repo figures are third-party and go stale. Re-verify before you rely on them.
Informational, not professional security advice — verify NeuralTrust's claims and threat coverage against the official OWASP and MITRE sources and the vendor directly before making a purchasing or security decision. OWASP, MITRE, and the listed vendors and maintainers do not endorse llmthreat.com.