ML-powered PII detection, LLM injection scoring, SIEM integration, compliance reports, and team-scoped policies — built for regulated industries.
Purpose-built capabilities for organizations that need rigorous control over their AI infrastructure.
Transformer-based entity recognition detects emails, phone numbers, SSNs, credit cards, and names with high confidence. Redact, mask, or tokenize before data reaches the model.
Classifier model scores every user message for injection attempts. Higher accuracy than heuristic detection, with confidence scores and reasoning.
Stream audit logs directly to Splunk or Elastic. Native integration with your existing security operations infrastructure.
Generate SOC2 and HIPAA formatted audit exports. Pre-built report templates for compliance reviews and auditor requests.
Scope policies to teams and namespaces. Different rules for different agents. Centrally managed, git-versioned.
Real-time notifications via Slack, PagerDuty, or generic webhooks. Alert on policy violations, injection attempts, or rate limit breaches.
Synchronize configuration across proxy replicas. Multi-node deployment with consistent policy enforcement.
Start with open source. Scale with Enterprise.
For developers and small teams
For growing teams shipping AI to production
For regulated industries and large organizations
Bastion OSS is free and fully featured. Enterprise adds ML-powered security, compliance, and operational tooling.
| Feature | OSS | Enterprise |
|---|---|---|
| Transparent LLM proxy | ✓ | ✓ |
| Policy engine (bastion.yaml) | ✓ | ✓ |
| Provider routing + fallback | ✓ | ✓ |
| Exact-match response cache | ✓ | ✓ |
| Heuristic injection detection | ✓ | ✓ |
| Token-bucket rate limiting | ✓ | ✓ |
| File/stdout audit log | ✓ | ✓ |
| Cost estimation per request | ✓ | ✓ |
| Hot config reload | ✓ | ✓ |
| Semantic response cache | — | ✓ |
| ML-based PII detection | — | ✓ |
| LLM injection scoring | — | ✓ |
| SIEM / Splunk export | — | ✓ |
| SOC2 / HIPAA reports | — | ✓ |
| Team-scoped RBAC | — | ✓ |
| Slack / PagerDuty alerting | — | ✓ |
| Multi-replica config sync | — | ✓ |
| Managed cloud proxy | — | ✓ |
| SLA + support | — | ✓ |
Bastion Enterprise meets the security and compliance requirements of healthcare, finance, and government organizations.
Pre-built audit trails, access controls, and reporting templates aligned with SOC 2 Type II requirements. Simplify your compliance review process.
PII detection and redaction, encrypted audit logs, and access controls designed for protected health information. Export-ready compliance reports.
Three products designed to work together across the entire agent lifecycle.
Agent definitions as code. Version-controlled, reproducible deployments.
Real-time traces, spans, and metrics for every agent action.
Policy enforcement, compliance reporting, and audit at scale.
Get started with Bastion Enterprise. We'll help you deploy, configure, and integrate.
Contact Sales