Policy enforcement that actually enforces

Powered by the KoraSafe Enforcement agent and its fleet of Guardian agents: KoraSafe PII Sentinel, KoraSafe Bias Watchdog, KoraSafe Hallucination Detector, KoraSafe Cost Monitor, and KoraSafe Autonomy Governor. Every violation tracked, every action timestamped, every resolution auditable.

Policy engine

From input filtering to emergency circuit breakers, each policy type addresses a distinct enforcement need. Compose them together for defense-in-depth coverage.

  • Input Filter -- scrub sensitive data before it reaches the model
  • Output Filter -- intercept and redact model responses
  • Approval Workflow -- human-in-the-loop for high-impact actions
  • Circuit Breaker -- emergency kill switch on threshold breach
  • LLM-as-Judge -- secondary model evaluates primary outputs
  • Pre-deployment Gate -- block non-compliant agents from production
  • Rate Limiting -- control frequency and volume of interactions
[Diagram: Policy Engine and its seven policy types]

Lifecycle

Policy lifecycle

Every policy follows a strict lifecycle path. Transitions are logged with timestamps and admin identity. Policies cannot skip states, ensuring full auditability.

  • Draft -- under review, not yet enforced
  • Active -- live enforcement in production
  • Paused -- temporarily suspended, reversible
  • Archived -- permanently deactivated, preserved for audit
[Diagram: Draft, Active, Paused, Archived, with a Reactivate transition]
Every transition logged: admin@company.com activated policy at 2026-04-07T14:30Z

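
The lifecycle rule above as a small state machine, added here as an illustration and not KoraSafe's own code. The transition graph (Draft to Active, Active to Paused, Paused to Active or Archived) and every name in the block are assumptions read from the state list; denied attempts are logged as well as successful ones.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Assumed transition graph, read from the four states and the "Reactivate" arrow.
ALLOWED = {
    "draft": {"active"},
    "active": {"paused"},
    "paused": {"active", "archived"},  # paused -> active is "Reactivate"
    "archived": set(),                 # terminal: kept for audit only
}

class TransitionDenied(Exception):
    """Raised when a requested state change would skip or reverse a state."""

@dataclass
class Policy:
    name: str
    state: str = "draft"
    audit: list = field(default_factory=list)  # append-only in this sketch

    def transition(self, target, admin, now=None):
        """Move to `target` if the graph allows it; log the attempt either way."""
        if not admin:
            raise ValueError("every transition needs an admin identity")
        # `now` must be timezone-aware when supplied; timestamps are stored in UTC.
        moment = (now or datetime.now(timezone.utc)).astimezone(timezone.utc)
        allowed = target in ALLOWED.get(self.state, set())
        self.audit.append({
            "ts": moment.strftime("%Y-%m-%dT%H:%MZ"),
            "admin": admin, "from": self.state, "to": target, "allowed": allowed,
        })
        if not allowed:
            raise TransitionDenied(f"{self.state} -> {target} is not permitted")
        self.state = target
        return self.state

def demo():
    """Walk a constructed policy through the full lifecycle, then try to revive it."""
    p = Policy("pii-input-filter")  # constructed policy name
    admin = "admin@company.com"
    for target in ("active", "paused", "active", "paused", "archived"):
        p.transition(target, admin)
    try:
        p.transition("active", admin)  # archived is terminal, so this is denied
    except TransitionDenied:
        pass
    return p
```
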
Violations

Track, triage, and resolve

Every policy violation is captured with full context. Filter by severity and status, then resolve through an admin workflow with a complete audit trail.

  • Three severity levels: High, Medium, Low
  • Status tracking: Open and Resolved
  • Per-asset guardrail coverage indicators
  • Timestamped audit trail for every action
Violation severity breakdown:

  • 3 High severity -- PII, boundary, safety failures (Open)
  • 7 Medium severity -- Policy near-misses, partial gaps (5 Open)
  • 12 Low severity -- Warnings, documentation gaps (Resolved)

70% resolved -- 22 total violations

How Enforcement Works

When a Guardian agent detects a violation, it triggers the appropriate policy automatically. Every step is logged for regulatory evidence.

  • Detection -- Guardian agent identifies a policy breach or anomaly in real time
  • Policy Trigger -- Matching enforcement policy activates: filter, circuit breaker, or approval gate
  • Resolution -- Admin reviews the violation, confirms severity, and marks it as resolved
  • Audit Trail -- Timestamped record of detection, policy action, and resolution, audit-ready

Policy Types Explained

Seven enforcement mechanisms, each built for a specific threat

Input Filter

Blocks or sanitizes inputs before they reach the AI model. Use input filters to strip PII, remove prompt injection attempts, or enforce content policies on user-submitted text before the model ever processes it.

Output Filter

Scans model outputs against defined rules before returning them to the user. Output filters catch leaked credentials, toxic language, or responses that violate your organization's content guidelines, and either redact or block the response entirely.

Approval Workflow

Routes high-risk actions to a human reviewer with configurable routing rules. You define which actions require approval, who the approvers are, and what escalation paths apply when approvers are unavailable. The AI system pauses until a human explicitly approves or rejects.

Circuit Breaker

Automatically disables an AI system when error rates or violation counts exceed thresholds you set. Circuit breakers act as an emergency kill switch, shutting down a misbehaving system before it causes further harm, then alerting the operations team to investigate.

LLM-as-Judge

A second LLM evaluates whether outputs meet governance criteria. This approach catches nuanced policy violations that regex-based filters miss, such as subtle bias, misleading framing, or responses that are technically accurate but contextually inappropriate.

Pre-deployment Gate

Blocks deployment when a system's compliance score falls below a threshold you configure. Pre-deployment gates integrate into your CI/CD pipeline and prevent non-compliant AI systems from reaching production, regardless of who pushes the code.

Rate Limiting

Throttles request volume per user, per system, or per API key. Rate limiting prevents abuse, controls costs, and ensures fair access across teams. You set the thresholds, and the policy engine enforces them automatically with configurable response behavior for throttled requests.