What is prompt security?

Prompt security: Prompt security is prompt-level data protection: detecting and masking personal and sensitive values in prompts before they reach an LLM. In Privian's usage, it is about prompt privacy and reducing data exposure — not prompt-injection or jailbreak defense.

Prompts routinely carry names, emails, IDs, secrets and other sensitive values. Without prompt-level data protection, that data reaches third-party LLM providers in the clear. Prompt security reduces what ever leaves your network in the prompt body.

1. Step 1

   Detect

   Personal and sensitive entities are detected in the prompt body at the gateway.

2. Step 2

   Mask

   Detected values are replaced with deterministic placeholders before any provider call.

3. Step 3

   Rehydrate

   The provider response is rehydrated inside the gateway before returning to your app. The in-request mapping is then discarded.

• Glossary: Prompt injection
• Glossary: LLM security
• Glossary: PII masking
• Glossary: AI Security Layer

• Product

  Prompt Security in Privian

• Product

  PII Masking (works together)

• Docs

  Prompt security concept

• Data path

  What reaches the model

• Security

  Privian security model

Is prompt security the same as prompt-injection defense?

No. Prompt-injection defense is a separate problem (defending against adversarial instructions hidden in user input or retrieved documents). Privian's prompt security focuses on prompt-level data protection — masking sensitive values before the prompt reaches the provider — and does not claim to block prompt injection or jailbreaks.

Where should prompt security live?

At the gateway. Centralizing prompt-level data protection at the egress point keeps masking consistent and out of every client.

Is prompt security the same as PII masking?

PII masking is the mechanism Privian uses to deliver prompt security in the beta. Prompt security is the broader category — the set of guarantees about what happens to a prompt before it leaves your network.