PolicyGuard Overview
PolicyGuard is Virtue AI's enterprise-grade, real-time guardrail for AI applications. It lets you define policies, group them into policy groups, and combine those groups into guards that any agent, chat client, gateway, RAG system, or backend service can call through a single API to detect and block prompts, tool calls, and model responses that violate your organization's safety, brand, or compliance rules.
PolicyGuard gives security and platform teams a single control plane to define, refine, and enforce custom runtime protections across every model, agent, and AI-driven application in their ecosystem.
Platform Capabilities
| Capability | Detail |
|---|---|
| Policy enforcement | Real-time guardrail for conversation with text and code inputs and outputs. |
| Global language coverage | Out-of-the-box support for 100+ languages. |
| Low-latency inference | Sub-50ms end-to-end (model + network); core model inference under 10ms. |
| High accuracy | < 5% false-positive rate, tuned to keep production traffic flowing. |
| Framework coverage | 50+ industry frameworks — OWASP, NIST AI RMF, EU AI Act, FINRA, US state regulations, and more. |
| Custom policy ingestion | Upload PDFs / JSON, drag-and-drop policy docs, or describe rules in natural language and have an agent author them. |
| On-prem ready | Ships as a Docker image; minimum local GPU is a single NVIDIA L4 (H100 recommended for production). |
What PolicyGuard Does
PolicyGuard evaluates a piece of text — a user prompt, retrieved document, tool output, or model response — against the policies linked to a guard, and returns:
- A boolean
flagindicating whether the content violated any policy. - Per-policy probabilities and category booleans.
- Optional reasoning text explaining the decision.
- Per-request latency for observability.
Customers typically use PolicyGuard to block, alert, redact, route to review, or simply log content that violates their security policies.
Core Concepts
| Concept | Description |
|---|---|
| Policy | A single rule, defined with a name, description, block_activities, and safe_activities. |
| Policy Group | A collection of policies evaluated together, with a shared threshold and strictness_level (low / medium / high). |
| Guard | A named classifier endpoint that links one or more policy groups. Customer applications call a guard by UUID (gd_xxx). |
| Standard Policy | A ready-to-use policy group from the Virtue policy library (or shared by your team) that can be copied to bootstrap new guards. |
| Strictness Level | low / medium / high — controls how conservatively the model interprets borderline cases. |
| Threshold | A float in 0.0–1.0 controlling the cut-off for flagging a policy. |
A typical setup is: create a policy group → add policies to it → create a guard that links the policy group → use the guard's UUID from your application to provide input/output guardrails.
When to Use PolicyGuard
- Chat clients — guard user input and model output before either is shown.
- RAG systems — check questions, retrieved knowledge snippets, and final answers.
- Customer support for financial, healthcare, and internal-knowledge assistants — enforce brand, regulatory, and PII handling policies.
- Combined deployments — orchestrate PolicyGuard alongside DLP/PII tools or SIEM systems for layered protection.
For ready-to-use code samples covering each of these scenarios, see Integration Patterns.
Product Walkthrough
This walkthrough mirrors the end-to-end flow most teams follow on day one: review traffic in the dashboard → assemble policies → configure a guard → test it → monitor in production → optimize → integrate.
1. Governance Dashboard
The dashboard gives you a complete audit trail and observability into AI traffic protected by PolicyGuard.
At a glance you see total violations, average latency, and the distribution of violations by policy rule. Administrators can drill into recently flagged queries to inspect the original prompt, associated tool calls, and the specific rule that fired.
Selecting an entry shows the full interaction — useful when PolicyGuard blocks something like a user trying to bypass safety filters to buy illegal drugs through a retail assistant, or attempts to surface a competitor's pricing.
2. Build Policy Groups From the Virtue Policy Library
Policies live inside policy groups, and policy groups can be assembled from Virtue AI's library of out-of-the-box standard policies or from your own enterprise policies and rules.
The Virtue policy library covers 50+ industry-standard frameworks (OWASP, NIST AI RMF, EU AI Act, FINRA, state regulations, etc.). Every policy is fully auditable — expand a framework such as NIST RMF to see the underlying rules, for example:
- Block high-risk medical directives.
- Detect and filter step-by-step guides for weapon creation.
- Ensure recommendations route to professional assistance or emergency services where appropriate.
- Prevent the AI from prioritizing its own recommendations over human professional advice.
3. Extract Policies From Your Own Documents
PolicyGuard ships a backend agent that converts your internal policy documents into executable rules. Drag a PDF (or JSON file) into the From PDF uploader and the agent will extract corresponding policy rules for you.
Once extraction completes, the generated policy group appears in your library, ready to drop into any guard.
4. Generate Policies With Natural Language
You can also describe a rule in plain language and have an agent author it for you — for example: "Block any discussion that involves providing specific trade execution advice for securities."
The agent expands the prompt into a structured policy with clear
block_activities and safe_activities. You can review and edit the
generated rules before saving — in this case, blocking buy/sell
recommendations, trade-timing instructions, and personalized securities
trading guidance.
5. Configure a Custom Guard
Once your policy groups exist, deploying a new guard is straightforward.
Click New Guard, name it, give it a description, and pick the policy groups it should evaluate — you can combine the standard policies with custom policies extracted from your custom policy documents such as PDFs.
Optional settings (max input length, caching, query logging) live in the guard's Additional Settings panel — disable logging if your environment requires no-trace operation.
6. Test the Guard Inline
After saving, the guard is immediately active. Use the built-in tester to sanity-check it before flipping it on in production.
Example queries against a securities-focused guard:
- Flagged: "Is now a good time to buy Cloudflare stock? It just dropped 20%."
- Flagged: "What cybersecurity stocks should I invest in?"
- Safe: "What are good principles to consider when purchasing stocks?"
Because PolicyGuard supports 100+ languages out of the box, the same guard catches the same intent in any language with no extra configuration:
7. Intelligent Query Monitoring
In production, PolicyGuard streams a real-time feed of every prompt that hits a guard — with allow/block status and the specific policy rule that fired. Adding more (and more complex) policies does not impact latency.
All query history is searchable for audit by default. Teams with strict data-privacy requirements can disable query logging per-guard.
8. Optimize Guards With Policy Lab
Policy Lab automatically tunes your policies against a labeled test dataset — no model retraining, no manual rule tweaking.
Upload a labeled dataset, pick a policy group or guard, and inspect the records in the data viewer before running an evaluation.
Click Evaluate to measure the current policy's baseline performance against the dataset.
Then click Optimize and choose an optimization tier — Fast, High, or Max. Higher tiers take longer but yield stronger performance gains; pick the tier that matches your baseline results and time budget.
Track progress and review results in the Optimizations sidebar.
When optimization finishes, an improved version of the policy appears in your policy list, ready to drop into a guard.
In one example, the Policy Lab agent lifted the original policy's F1 from 67.6% → 89.5% automatically.
9. Integrate via REST or OpenAI-Compatible API
PolicyGuard plugs into your stack through a REST API. Create an API key in the dashboard, point your application at the guard's UUID, and you're done — integration is typically about five lines of code.
PolicyGuard accepts the OpenAI moderation request/response shape so existing OpenAI SDK code works with no changes other than the base URL. Per-guard API docs are also available directly in the app for quick reference.
For full request/response shapes and language-specific snippets, see Integration Patterns and the API Reference.
Deployment Options
PolicyGuard can be delivered in the format that best matches your environment:
| Deployment Option | Best For |
|---|---|
| Docker Compose | Fast on-premise pilot, single-node deployment, customer POC. |
| Helm / Kubernetes | Production private cloud or customer Kubernetes environment. |
| Terraform / IaC | Customer cloud deployment provisioned through standard IaC workflow. |
The deployment package includes the PolicyGuard backend, frontend, auth, storage, and (optionally) local model serving. Exact topology is finalized during deployment planning.
Hardware Requirements
The following is a practical starting point. Final sizing depends on request volume, max text length, concurrency, query-log retention, and whether the evaluator runs locally or against a hosted endpoint.
| Scenario | CPU | Memory | Disk | GPU |
|---|---|---|---|---|
| Pilot / POC | 4 vCPU | 16 GB | 50 GB SSD | 1× NVIDIA L4 or above |
| Standard production | 8–16 vCPU | 32–64 GB | 125–250 GB SSD/NVMe | 1× NVIDIA H100 recommended |
| High throughput | 16+ vCPU | 64+ GB | 250 GB+ NVMe | H100 class, scaled by throughput |
| SaaS host | 4–8 vCPU | 16–32 GB | 50–125 GB SSD | No local GPU required |
Disk is primarily used for PostgreSQL persistence (guards, policy groups, API keys, datasets, agent runs, and query logs). Customers with long audit retention should size storage separately for log growth.
Quick Start
Once PolicyGuard is deployed and you have created a guard, calling it from your application takes three values:
| Value | Description |
|---|---|
POLICYGUARD_BASE_URL | Base URL of the deployed API, e.g. https://policyguard.example.com. |
POLICYGUARD_API_KEY | API key created from the dashboard or POST /api/api-keys. Format: sk-vai-.... |
POLICYGUARD_GUARD_UUID | UUID of the guard to use, e.g. gd_xxxxxxxx. |
A minimal call:
curl -X POST "$POLICYGUARD_BASE_URL/api/topic_guard" \
-H "X-API-Key: $POLICYGUARD_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"guard_uuid": "'"$POLICYGUARD_GUARD_UUID"'",
"text": "Text to evaluate"
}'
A flag: true in the response means at least one linked policy group flagged
the content. See Integration Patterns for full input/output
moderation flows, and API Reference for the complete
endpoint list.
Integration Checklist
- Choose a deployment format: Docker Compose, Helm/Kubernetes, or Terraform/IaC.
- Confirm hardware sizing (L4 minimum, H100 recommended for production).
- Create a policy group and a guard in the PolicyGuard dashboard.
- Create an API key (
sk-vai-...). - Add a PolicyGuard call in your app, chat client, agent runtime, or gateway.
- Define what to do when content is flagged: block, alert, redact, review, or log.
- Optionally combine PolicyGuard with DLP, SIEM, or case-management systems.