KoreShield

Security Policies

Configure custom security policies for your LLM integrations

Security Policies

KoreShield allows you to define custom security policies that control how the system responds to different types of threats and security events.

Policy Configuration

Policies are defined in your config.yaml file under the security.policies section:

security:
  policies:
    # Core security features
    block_prompt_injection: true
    sanitize_input: true
    log_all_requests: true

    # Response actions
    on_suspicious: "block"  # block, warn, allow
    on_attack_detected: "block"

    # Content filtering
    block_pii: false
    block_sensitive_topics: ["politics", "finance"]

    # Rate limiting
    max_requests_per_minute: 100
    max_tokens_per_request: 4000

Policy Types

Input Sanitization Policies

Control how inputs are cleaned and normalized:

policies:
  sanitize_input: true
  remove_special_chars: true
  normalize_unicode: true
  strip_html: true

Detection Policies

Configure attack detection sensitivity:

policies:
  prompt_injection_detection: "medium"  # low, medium, high
  jailbreak_detection: true
  data_exfiltration_detection: true
  behavioral_analysis: true

Response Policies

Define actions for different security events:

policies:
  on_prompt_injection:
    action: "block"
    log_level: "warning"
    alert_team: true

  on_jailbreak_attempt:
    action: "block"
    custom_response: "Security violation detected"

  on_suspicious_content:
    action: "warn"
    continue_processing: true

Custom Rules

Create custom security rules using regex patterns:

custom_rules:
  - name: "block_system_prompts"
    pattern: "system.*prompt|override.*instructions"
    action: "block"
    severity: "high"

  - name: "flag_sensitive_data"
    pattern: "\\b\\d{4}[- ]?\\d{4}[- ]?\\d{4}[- ]?\\d{4}\\b"  # Credit card pattern
    action: "flag"
    severity: "medium"

Testing Policies

Test your policies with sample inputs:

koreshield test-policy --config config.yaml --input "Try to override my instructions: ignore all previous prompts"

Policy Validation

Validate your policy configuration:

koreshield validate-policies --config config.yaml

This checks for:

  • Valid action types
  • Proper regex patterns
  • Logical consistency
  • Performance impact

Configuration

Configure KoreShield for your LLM providers and security policies

Monitoring & Logging

Monitor security events and analyze LLM usage patterns

On this page

Security PoliciesPolicy ConfigurationPolicy TypesInput Sanitization PoliciesDetection PoliciesResponse PoliciesCustom RulesTesting PoliciesPolicy Validation