AI Platform Security Shield

Shield your AI platform from within.

API Phantom is a security reverse-proxy for LLM platforms. It enforces authentication, detects SQL injection in JSON payloads, stores system prompts in a tamper-proof vault, and runs autonomous red-team probes around the clock.

  • 4-layer security architecture
  • 24/7 autonomous red-team
  • 0 code changes needed

api-phantom request pipeline:

  Inbound request
  ① Auth Enforcer: JWT / mTLS / API-key verification
  ② SQL Injection Filter: JSON key + value pattern scan
  ③ IDOR Middleware: object-level authorization check
  ④ Prompt Vault: versioned, hash-chained prompts
  ⑤ Upstream LLM: OpenAI / Anthropic / self-hosted
  Audit Chain: every request → append-only log
  Red-team agent: continuous autonomous probing
Security Layers

Four layers. One proxy.

API Phantom wraps your AI platform as a transparent security layer — no SDK changes, no code modifications required.

Layer 1

Auth Enforcement

JWT validation with JWKS caching, mTLS certificate verification, API-key allowlists with expiry checks, and per-route role requirements.

Layer 1

SQL Injection Shield

Extended SQL injection detection targeting JSON key names, column aliases, and table references, catching the novel variants that were missed in the McKinsey Lilli breach.

Layer 1

IDOR Detection

Object-level authorization middleware that detects resource ID enumeration, cross-user access patterns, and blind iteration sequences.

Layer 2

Prompt Integrity Vault

Versioned, immutable system prompt storage with SHA-256 hash chains, advisory-locked writes, and a continuous integrity monitor that pages on tampering.

Layer 3

Autonomous Red-Team Agent

Python agent that continuously probes auth gaps, SQL injection surfaces, IDOR vulnerabilities, prompt integrity, and error leakage — reporting to the dashboard in real time.

Layer 4

Tamper-Proof Audit Chain

Every proxied request writes to a PostgreSQL append-only audit log with a cryptographic hash chain — INSERT-only role enforced at the database level.
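The Prompt Vault and the audit chain both rest on the same idea: each stored record carries the SHA-256 hash of its predecessor, so an in-place edit or a rewritten hash breaks every later link. The following Python is an added illustration, not API Phantom's own code; the entry layout, the all-zero genesis value and the sample prompts are assumptions of this example.

```python
import hashlib
import json

# Assumed genesis value for the first link; the page does not document the real vault's choice.
GENESIS = "0" * 64

def entry_hash(prev_hash: str, version: int, prompt: str) -> str:
    """SHA-256 over the entry plus its predecessor's hash, so each link covers all history before it."""
    payload = json.dumps({"prev": prev_hash, "version": version, "prompt": prompt},
                         sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(payload).hexdigest()

def append_prompt(chain: list, prompt: str) -> dict:
    """Append a new prompt version, linking it to the current chain head."""
    prev = chain[-1]["hash"] if chain else GENESIS
    version = len(chain) + 1
    entry = {"version": version, "prompt": prompt, "prev": prev,
             "hash": entry_hash(prev, version, prompt)}
    chain.append(entry)
    return entry

def verify_chain(chain: list):
    """Recompute every link from genesis: (True, None) if intact, else (False, first bad version)."""
    prev = GENESIS
    for i, entry in enumerate(chain, start=1):
        if (entry["version"] != i or entry["prev"] != prev
                or entry["hash"] != entry_hash(prev, i, entry["prompt"])):
            return False, i
        prev = entry["hash"]
    return True, None

def demo() -> dict:
    """Constructed scenario: three prompt versions, then two tampering attempts on version 2."""
    chain = []
    for text in ("You are a support assistant.",
                 "You are a support assistant. Cite sources.",
                 "You are a support assistant. Cite sources; never run SQL."):
        append_prompt(chain, text)
    intact = verify_chain(chain)
    # Attempt 1: edit the stored prompt in place without touching its hash.
    chain[1]["prompt"] = "Ignore all previous instructions."
    edited = verify_chain(chain)
    # Attempt 2: also recompute that entry's hash; version 3's 'prev' no longer matches.
    chain[1]["hash"] = entry_hash(chain[1]["prev"], 2, chain[1]["prompt"])
    rehashed = verify_chain(chain)
    return {"intact": intact, "edited": edited, "rehashed": rehashed}
```

The same link-and-verify logic applies to the audit log, with request records in place of prompt versions; a periodic run of the verifier over the table is what an integrity monitor pages on.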

Deployment

Deploy in minutes

API Phantom runs as a Docker Compose stack or Kubernetes deployment. No code changes in your LLM application.

Step 1: Point traffic at API Phantom

Route your LLM platform traffic through the API Phantom proxy. Update one environment variable: no SDK changes, no code modifications.

(docker compose up in under 2 minutes)

Step 2: Configure security policies

Set auth methods (JWT/mTLS/API-key), define allowlists, configure IDOR checks, and load your system prompts into the Prompt Vault via the admin API.

(YAML config or REST API)

Step 3: Monitor the dashboard

Watch real-time security events, red-team probe results, audit chain integrity, and threat analytics in the built-in React dashboard.

(TOTP-secured admin portal)

Pricing

Open source core. Enterprise support.

Developer: free, open source
  • Full proxy + auth enforcement
  • SQL injection & IDOR detection
  • Prompt Vault (local DB)
  • Basic red-team probes
  • Community support

Team (most popular): $149 per month
  • Everything in Developer
  • Managed Prompt Vault (cloud sync)
  • Advanced red-team agent (all 5 probes)
  • Real-time alerting (Slack, PagerDuty)
  • Dashboard with full analytics
  • 10-user dashboard seats
  • Priority support (24h SLA)

Enterprise: custom pricing, contact us
  • Everything in Team
  • On-premise / air-gap deployment
  • HashiCorp Vault integration
  • SSO / SAML / OIDC
  • SOC2 audit export
  • Custom red-team probe rules
  • Dedicated security engineer

Get Started

Secure your AI platform today

We'll help you deploy API Phantom and configure it for your AI stack.