Glossary

What is prompt security?

Prompt security is prompt-level data protection: detecting and masking personal and sensitive values in prompts before they reach an LLM. In Privian's usage, it is about prompt privacy and reducing data exposure — not prompt-injection or jailbreak defense.

Definition

Prompt security is prompt-level data protection: detecting and masking personal and sensitive values in prompts before they reach an LLM. In Privian's usage, it is about prompt privacy and reducing data exposure — not prompt-injection or jailbreak defense.

Definition

Prompt security — short definition

Why it matters

Why this matters

Prompts routinely carry names, emails, IDs, secrets and other sensitive values. Without prompt-level data protection, that data reaches third-party LLM providers in the clear. Prompt security reduces what ever leaves your network in the prompt body.

Prompts routinely carry names, emails, IDs, secrets and other sensitive values. Without prompt-level data protection, that data reaches third-party LLM providers in the clear. Prompt security reduces what ever leaves your network in the prompt body.

How it works

How it works

A user produces a prompt. The gateway detects sensitive entities, masks them with deterministic placeholders, forwards the masked prompt to the LLM provider, and rehydrates placeholders in the response before returning it to the user.01User02Prompt03Detection04Masking05Provider06Rehydration
Prompt Privacy flowSensitive values are masked before egress and rehydrated on the return path.

Framework

Prompt security process

  1. 01

    Detect

    Personal and sensitive entities are detected in the prompt body at the gateway.

  2. 02

    Mask

    Detected values are replaced with deterministic placeholders before any provider call.

  3. 03

    Rehydrate

    The provider response is rehydrated inside the gateway before returning to your app. The in-request mapping is then discarded.

Implementation

Learn how this works in Privian

From definition to implementation, docs and architecture — the same idea at different layers.

FAQ

Frequently asked questions

Is prompt security the same as prompt-injection defense?
No. Prompt-injection defense is a separate problem (defending against adversarial instructions hidden in user input or retrieved documents). Privian's prompt security focuses on prompt-level data protection — masking sensitive values before the prompt reaches the provider — and does not claim to block prompt injection or jailbreaks.
Where should prompt security live?
At the gateway. Centralizing prompt-level data protection at the egress point keeps masking consistent and out of every client.
Is prompt security the same as PII masking?
PII masking is the mechanism Privian uses to deliver prompt security in the beta. Prompt security is the broader category — the set of guarantees about what happens to a prompt before it leaves your network.

Where to go next

From definition to implementation

This entry is part of the Privian content library. If you are evaluating how this concept is implemented in practice, the links below are the most direct paths.

Related product

Prompt Security in Privian

Edge-side prompt security: detection, masking and routing before the prompt leaves your stack.

Open product page →