AI safety + red-team for security teams
The eval + guardrail + red-team + audit platform built by + for security people. 300+ attack plugins, 50+ strategies, adaptive multi-turn engine — the deepest red-team coverage of any LLM-safety platform, period. Plus the audit trail your SOC + your customer's procurement security review need.

What ships today
Honest posture, not roadmap promises
Every checked item is in production today. In-progress items are flagged explicitly — no overclaiming, no vapor.
Built for buyer reality
Cybersecurity AI use cases we ship for
Pre-prod LLM application security testing
Security team needs to test every customer-facing LLM app for jailbreak / PII-extraction / prompt-injection BEFORE prod release. Manual red-teaming doesn't scale; off-the-shelf tools test 30 attacks.
EvalGuard features
- 300+ attack plugins across 50+ strategies (far deeper red-team coverage than off-the-shelf open-source tools)
- Adaptive engine uses UCB1 to focus on attacks that ACTUALLY work for the target
- OWASP LLM Top 10 + Agentic AI Top 10 + MITRE ATLAS coverage per scan
- Per-finding evidence: request, response, attack vector, suggested fix
Continuous red-team in production
SOC team wants a continuous attack feed against the production LLM endpoint. Need synthetic-traffic that doesn't pollute real customer data + alerting that distinguishes real attacks from synthetic.
EvalGuard features
- Synthetic-traffic mode: scans tagged + filtered out of real-customer cost/audit ledgers
- Wilson-interval early-stopping on red-team campaigns (don't waste cycles on convergent strategies)
- Integration with your SIEM via webhook (Splunk + Datadog + Sentry receivers built-in)
- Threat-intel feed for runtime attack-corpus updates (no manual plugin curation)
Customer-facing SOC-2 / vendor-security review
Customer's procurement team asks 'show me your LLM safety posture.' Need to hand them a control-mapping report, not a 30-page narrative.
EvalGuard features
- SOC 2 Common Criteria control mappings auto-generated per scan
- Customer-shareable evidence bundle (PDF + JSON, no internal IP leakage)
- OWASP LLM Top 10 coverage report (every control with attack examples + pass/fail)
- Auditor-friendly tamper-evident audit log (every scan finding cryptographically signed)
Internal AI-skill / agent security review
Eng + product teams are shipping Claude / Custom GPTs / agent workflows internally. Security team needs to scan every config-bundle for risky tool grants + prompt-injection surfaces BEFORE they go live.
EvalGuard features
- AI-skill-package scanner (Skills, Custom GPTs, agent configs) — catches over-permissive tool grants
- Evil-MCP-server target for safe red-team training environments
- Repo-scanner detects leaked API keys + insecure prompt patterns in agent code
- MCP-gateway runtime tool-pinning prevents agent supply-chain swap attacks
Wire it in 60 seconds
300+ plugins · 50+ strategies · one CLI
The evalguard CLI runs the full red-team locally — no API key required for the offline pack. Point it at your endpoint config + plug into your CI pipeline.
# Install the CLI
npm i -g @evalguard/cli
# Run the offline red-team against an endpoint config
# (OWASP LLM Top 10 + MITRE ATLAS plugins, JSON/YAML config)
evalguard scan:local ./red-team.config.yaml \
--output ./out/findings.json --verbose
# Scan model artifacts for trojans / backdoors before deploy
evalguard model-scan ./models/finetuned.safetensors \
--severity high --format json
# Scan a repo for risky agent tool grants + leaked secrets
evalguard repo-scan ./my-agent --format json > scan.jsonwrapOpenAI for wrapAnthropic.Stack
Six surfaces, one platform
Eval, firewall, red-team, audit, BYOK, dashboard — every surface ships out of the box. No bolt-on vendors, no procurement cycle per capability.
Ship the deepest LLM red-team coverage in the industry.
Free trial includes all 300+ plugins, the adaptive engine, OWASP + NIST control mapping, and the full audit trail. SOC2 + OWASP evidence bundles ready for your next customer security review.
Apache-2.0 source · SOC 2 evidence engine live · full trust center