VirtueGuard FAQ
What is VirtueGuard?
VirtueGuard provides real-time, multilingual, multimodal guardrails for AI agents, models, apps, and chatbots.
What modalities are supported for VirtueGuard?
Virtue AI supports guardrails for code, text, image, audio, and video.
Does VirtueGuard support custom policies?
Yes, VirtueGuard, both for models and agents, supports both standard policies (e.g., EU AI ACT, GDPR) and organization-specific policies.
How does VirtueGuard-Code differ from general purpose LLM based code scanners?
VirtueGuard-Code is powered by a purpose built security model designed specifically for code analysis by Virtue AI, not a general purpose LLM. This specialization enables speed and precision when detecting real vulnerabilities in production code and supports flexible deployment options, including on premises. VirtueGuard-Code is available as a plugin for IDEs such as VS Code, Cursor, and Windsurf.
How does VirtueGuard integrate with my stack?
VirtueGuard integrates directly into the AI platforms enterprises already rely on including OpenAI, Anthropic, Google Vertex AI, and Azure. The result is security that integrates seamlessly across the organization while giving security teams clear, enforceable control.
PolicyGuard
What is PolicyGuard?
PolicyGuard enables enterprises to quickly and easily define, edit, and enforce custom AI runtime protection guardrails across models, agents, and applications.
What's the difference between PolicyGuard and VirtueGuard-Text Lite?
VirtueGuard-Text Lite is a lightweight text guardrail designed for common, well-understood risk categories. It inspects inputs and outputs in real time to detect and block broadly harmful or non-compliant content. It's fast, easy to deploy, and provides baseline protection across standard text-based AI use cases.
PolicyGuard operates at a different layer. It is a policy enforcement system with both probabilistic and logical reasoning based deterministic backend, built for customized enterprise scenarios, where risk is specific, contextual, and tied to internal policies and regulatory obligations.
Instead of relying on predefined categories, PolicyGuard allows teams to define granular policies in natural language, aligned to their organization's standards. It enforces those policies across models, agents, and applications, including agent actions, tool calls, and multi-step workflows.
In practice, VirtueGuard-Text Lite helps you catch common harmful content. PolicyGuard gives you fine-grained control over how your AI systems behave, ensuring they operate in line with your enterprise policies across every scenario.
What problem does PolicyGuard solve?
Enterprise AI guardrails today are static, fragmented, and generic. Most organizations already have AI acceptable use policies, but those policies are difficult to translate into adaptive, enforceable controls. At the same time, AI risk has moved beyond text. It now includes agent actions, API calls, and multi-step workflows. Without AI-native policy enforcement, organizations end up with an uneven risk posture that is difficult to audit and not strong enough to contain incidents.
How is PolicyGuard different from other AI guardrails?
PolicyGuard enforces policies at runtime across models, agents, and applications. It applies policies to agent actions, tool calls, and multi-step workflows, not just text.
It allows enterprises to define policies in natural language, specifying risk categories, behaviors, and enforcement criteria without relying on engineering teams. It also supports native multilingual enforcement, evaluating content in its original language to preserve context, reduce false positives, and eliminate translation blind spots.
PolicyGuard enables teams to stack regulatory frameworks and internal policies into a single, traceable enforcement layer, applying consistent controls across their entire environment. As systems evolve, policies can be continuously refined to maintain coverage and reduce gaps, without requiring retraining.
Can I use my existing AI acceptable use policies?
Yes. PolicyGuard extracts policies from existing PDFs, websites, and JSON and converts them into enforceable controls in minutes. This allows teams to operationalize existing governance frameworks without manual translation.
How do I create new policies? Do I need engineering support?
No engineering support is required. PolicyGuard allows teams to define and deploy policies using natural language. Users can specify risk categories, behaviors, and enforcement criteria in plain language, aligned to their internal standards.
What compliance frameworks are supported?
PolicyGuard includes a Policy Bank with 30+ existing security frameworks. These include:
Regulatory and Governance Controls
- California AB 2013
- California SB 53
- Colorado SB 24-205
- EU AI Act
- EU DORA
- EU DSA
- EU MiFID II
- EU PSD2
- EU UCPD
- Illinois HB 3773
- ISO/IEC 42001
- NIST AI RMF
- South Korea AI Basic Act
- Texas HB 149
- UK DPA 2018
- US FDA AI/ML Guidance
- Utah SB 149
Data Protection and Individual Rights
- California CCPA
- COPPA
- FERPA
- GDPR
- HIPAA
Safety-Critical and Societal Risk Controls
- MLCommons AILuminate
- Virtue General AI Safety Guard
Security, Abuse and System Integrity
- LLM Security Guide
- MITRE ATLAS
- OWASP Agentic Top 10
- OWASP AI Exchange
- OWASP AIVSS
- OWASP LLM Top 10 2025 Security Guard
- OWASP MCP Top 10
These frameworks can be applied alongside custom enterprise policies in a single enforcement layer.
How many policies can I apply at once?
PolicyGuard allows you to stack as many policies as needed. Regulatory frameworks and internal policies can be layered into a single, traceable enforcement layer with ultra-low latency.
How does PolicyGuard handle gaps or evolving risks?
PolicyGuard includes Policy Lab, where backend agents automatically analyze and refine policies to improve coverage, reduce inefficiencies, and close gaps. This happens without requiring model retraining or manual tuning.
Does PolicyGuard work across multiple languages?
Yes. PolicyGuard evaluates inputs and outputs in their native language, rather than relying on translation. This preserves context, eliminates translation blind spots, and reduces false positives while maintaining low latency.
For example, a slur, coded hate phrase, or culturally specific insult in a source language may translate into something neutral or meaningless in English, allowing it to pass traditional moderation filters. PolicyGuard applies policy where the meaning is clearest, in the original language, ensuring those signals are correctly identified and enforced.
Can PolicyGuard enforce policies on AI agents, not just chatbots?
Yes. PolicyGuard evaluates agent traces and function calls, enforcing policies on actions as well as inputs and outputs. Policies follow actions, not just text, which allows for stronger control over multi-step workflows and autonomous systems.
Will PolicyGuard impact latency or performance?
PolicyGuard uses a lightweight model and standard infrastructure to deliver low-latency enforcement.
How does PolicyGuard explain its decisions?
PolicyGuard provides detailed reasoning for every allow or block decision. These explanations are generated asynchronously, so there is no added latency to enforcement.
Is PolicyGuard audit-ready?
Yes. PolicyGuard includes centralized dashboarding with visibility into violations, users, API keys, and latency. All enforcement decisions are traceable, making the system audit-ready by default.
Where can PolicyGuard be deployed?
PolicyGuard supports on-prem, cloud, and SaaS deployments. It is lightweight and can be deployed within existing infrastructure, even on a single NVIDIA L4, with minimal overhead.
Do I need to retrain my models to use PolicyGuard?
No. PolicyGuard enforces policies at runtime and does not require model retraining.
How fast can I get PolicyGuard into production?
PolicyGuard is designed for fast rollout with minimal infrastructure changes. Teams can align existing policies and begin enforcement quickly without bottlenecks.