llmthreat
For vendors 21 vendors · 10 tools Matrix Vendors

Prompt Security is a Guardrails / LLM Firewall vendor based in New York, USA. Its flagship product is Prompt Security GenAI Protection Platform (employee AI / shadow AI, homegrown app protection). Against the OWASP LLM Top 10 (2025) we score it Covered on 3 of 10 risks, Partial on 4, with 6 MITRE ATLAS techniques mapped as of . It now operates under SentinelOne.

3/10
Risks covered
4
Partial
6
ATLAS techniques
~$23M total ($5M seed + $18M Series A)
Funding
Acquired
Status

At a glance

Category
Guardrails / LLM Firewall
Headquarters
New York, USA
Founded
2023
Employees
11-50 (approx)
Flagship product
Prompt Security GenAI Protection Platform (employee AI / shadow AI, homegrown app protection)
Deployment
SaaS + on-prem/self-hosted; inline proxy, browser extension, SDK
Best for
Governing employee GenAI/shadow-AI usage and wrapping homegrown LLM apps with real-time DLP and injection defense
Funding to date
~$23M total ($5M seed + $18M Series A)
Last round
Series A ($18M) · 2024
Status
Acquired by SentinelOne

Facts as of .

What does Prompt Security do?

A GenAI firewall pointed both ways — at employees' shadow-AI use and at your own LLM apps; acquired by SentinelOne. It ships as SaaS + on-prem/self-hosted; inline proxy, browser extension, SDK, and it's built for governing employee GenAI/shadow-AI usage and wrapping homegrown LLM apps with real-time DLP and injection defense. It's a weaker fit for model artifact scanning or ML training-pipeline supply-chain security.

Which OWASP LLM Top 10 risks does Prompt Security cover?

Prompt Security's strongest verdict is LLM01Prompt Injection. The two tables below come from our editorial read of Prompt Security's public documentation as of (it's what the docs support, not a hands-on lab test), and this row also sits in the full matrix across all 21 vendors.

OWASP LLM Top 10 (2025) coverage — as of 2026-07-13
OWASP LLM Risk What it is Prompt Security coverage How it's addressed Source
LLM01 Prompt Injection User or hidden input overrides the model's rules or intended behavior. Covered Secures homegrown apps against prompt injection in real time. https://prompt.security/solutions/homegrown-genai-apps
LLM02 Sensitive Information Disclosure The model leaks secrets, personal data, or proprietary content in its output. Covered Filters/obfuscates sensitive data to prevent exfiltration to 3rd-party LLMs and vector DBs. https://prompt.security/solutions/homegrown-genai-apps
LLM03 Supply Chain Compromised models, datasets, plugins, or dependencies add risk before runtime. Not covered No mention across product docs (homepage, product/solution pages, vulnerability taxonomy list covering Prompt Injection, Jailbreak, Privilege Escalation, Data Privacy, Toxic Content, Denial of Wallet/Service, Prompt Leak) — model/software supply-chain security is absent. https://prompt.security/vulnerabilities/jailbreak
LLM04 Data and Model Poisoning Tampered training or fine-tuning data corrupts how the model behaves. Not covered No mention of data/model poisoning as a product capability across homepage or vulnerability pages checked; blog has general research posts on the topic but no documented product feature. https://prompt.security
LLM05 Improper Output Handling Downstream systems trust model output without checking it, enabling injection or code execution. Partial Blocks RCE and manipulated outputs; response redaction/blocking. https://prompt.security/solutions/homegrown-genai-apps
LLM06 Excessive Agency An agent holds more permissions, tools, or autonomy than the task needs. Partial Policy enforcement over AI tool actions; agentic controls noted post-acquisition. https://prompt.security/solutions/homegrown-genai-apps
LLM07 System Prompt Leakage The system prompt or the secrets inside it get exposed to users. Partial Detects jailbreaks/injection aimed at revealing system context. https://prompt.security/vulnerabilities/jailbreak
LLM08 Vector and Embedding Weaknesses Flaws in RAG stores let attackers poison, extract, or infer data. Partial Redacts sensitive data before it reaches vector databases. https://prompt.security/solutions/homegrown-genai-apps
LLM09 Misinformation The model produces false or fabricated content that users act on. Not covered Hallucination/misinformation detection is absent from the documented vulnerability taxonomy and homepage feature list; platform focuses on input/output security and governance, not output factuality. https://prompt.security/vulnerabilities/jailbreak
LLM10 Unbounded Consumption Uncontrolled requests drive cost, denial of service, or model extraction. Covered Protects homegrown apps against Denial of Wallet / unbounded consumption. https://prompt.security/solutions/homegrown-genai-apps
MITRE ATLAS coverage — as of 2026-07-13
ATLAS Technique (ID) Tactic Prompt Security coverage Notes Source
LLM Prompt Injection (AML.T0051) Initial Access / Execution Covered Core defense for homegrown apps. https://prompt.security/solutions/homegrown-genai-apps
LLM Jailbreak (AML.T0054) Defense Evasion Covered Dedicated jailbreak detection. https://prompt.security/vulnerabilities/jailbreak
LLM Data Leakage (AML.T0057) Exfiltration Covered Real-time DLP redaction of sensitive data to/from LLMs. https://prompt.security/solutions/homegrown-genai-apps
Cost Harvesting (AML.T0034) Impact Partial Denial-of-Wallet protection limits resource abuse. https://prompt.security/solutions/homegrown-genai-apps
LLM Plugin Compromise (AML.T0053) Execution Partial Blocks RCE and unsafe tool/plugin actions. https://prompt.security/solutions/homegrown-genai-apps
Extract LLM System Prompt (AML.T0056) Discovery Partial Detects extraction/jailbreak attempts targeting system context. https://prompt.security/vulnerabilities/jailbreak

Is Prompt Security independent, and how is it funded?

Prompt Security was acquired by SentinelOne for ~$250M reported; SEC filing lists ~$133.6M cash + 1,555,099 Class A shares + assumed options (2025-08-05; completed 2025-09-05) and now operates as a brand of SentinelOne. Packaging, pricing, and support can shift under new ownership, so confirm current terms with SentinelOne before you buy.

Prompt Security alternatives

The closest alternatives we track in Guardrails / LLM Firewall are Enkrypt AI, Lakera, Lasso Security. On the open-source side, Guardrails covers similar ground.

Frequently asked questions

What is Prompt Security used for?

Prompt Security is a Guardrails / LLM Firewall vendor. Its flagship product is Prompt Security GenAI Protection Platform (employee AI / shadow AI, homegrown app protection). It ships as SaaS + on-prem/self-hosted; inline proxy, browser extension, SDK, and it's built for governing employee GenAI/shadow-AI usage and wrapping homegrown LLM apps with real-time DLP and injection defense.

Is Prompt Security independent or acquired?

Prompt Security was acquired by SentinelOne and now operates as a subsidiary, as of 2026-07-13.

How many OWASP LLM Top 10 risks does Prompt Security cover?

We score Prompt Security as Covered on 3 of the ten OWASP LLM Top 10 (2025) risks, with 4 more Partial, as of 2026-07-13. The table on this page breaks down every risk, including the ones marked Not covered or Unverified.

How is Prompt Security deployed?

Prompt Security ships as SaaS + on-prem/self-hosted; inline proxy, browser extension, SDK.

What are the best alternatives to Prompt Security?

The closest Guardrails / LLM Firewall alternatives llmthreat tracks are Enkrypt AI, Lakera, Lasso Security. On the open-source side, Guardrails covers similar ground.

Last verified . Sources: https://prompt.security/press/prompt-security-emerges-from-stealth-with-5m-seed-to-be-enterprises-one-stop-for-generative-ai-security, https://www.calcalistech.com/ctechnews/article/hkx8pismkg, https://siliconangle.com/2025/08/05/sentinelone-acquires-ai-security-startup-prompt-security/, https://www.sec.gov/Archives/edgar/data/1583708/000158370825000159/s-20251031.htm, https://prompt.security/solutions/homegrown-genai-apps. Funding and repo figures are third-party and go stale. Re-verify before you rely on them.
Informational, not professional security advice — verify Prompt Security's claims and threat coverage against the official OWASP and MITRE sources and the vendor directly before making a purchasing or security decision. OWASP, MITRE, and the listed vendors and maintainers do not endorse llmthreat.com.