Security

Security controls for business and enterprise AI operations.

renlyAI is built for business and enterprise deployment with practical controls that security, platform, and compliance teams can operate day to day.

Core Controls

Security capabilities for production operations

Encryption

Sensitive credentials are encrypted before storage and protected in transit.

Entra ID SSO

Enterprise sign-in and role-scoped access for organizations and projects.

Approval-gated writes

High-impact write actions require explicit user confirmation.

Audit visibility

Execution and administrative actions are captured for review.

OWASP Alignment

Built against the OWASP Top 10 for Agentic Applications

Prompt Injection Defense

User input wrapped in delimiter tags. Regex scanner blocks role override, DAN prompts, and delimiter injection attempts.

Excessive Agency Prevention

Write actions require explicit human approval. Agents cannot self-authorize cross-system changes.

Sensitive Data Exposure

Credential encryption (AES-256-GCM). No PII in tool responses without policy gate. Tenant-isolated data paths.

Denial of Service Controls

Per-org token quotas, rate limiting, and circuit breakers prevent single-tenant resource exhaustion.

Audit & Observability

Every AI decision logged with correlation IDs linking request, evaluation, and outcome into a traceable evidence chain.

Fail-Closed by Design

When governance services are unavailable, AI requests are blocked — never bypassed. renlyAI's model gateway implements per-organization circuit breakers. If the governance layer is unreachable, requests fail closed. There is no fallback to uncontrolled execution. This applies to both streaming and non-streaming AI requests.
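A minimal sketch of a fail-closed, per-organization circuit breaker, added here as an illustration and not taken from renlyAI's code. The class name, threshold, cooldown, and the `evaluate` / `run_model` callables are assumptions.

```python
import time


class GovernanceUnavailable(Exception):
    """Request blocked because the governance layer could not be consulted."""


class FailClosedGateway:
    # Hypothetical names and defaults; not renlyAI's implementation.
    def __init__(self, evaluate, threshold=3, cooldown=30.0, clock=time.monotonic):
        self.evaluate = evaluate    # callable(org_id, request) -> bool (allow / deny)
        self.threshold = threshold  # consecutive failures before the breaker opens
        self.cooldown = cooldown    # seconds the breaker stays open
        self.clock = clock
        self.state = {}             # org_id -> (consecutive_failures, opened_at)

    def handle(self, org_id, request, run_model):
        fails, opened_at = self.state.get(org_id, (0, None))
        # Breaker open: block immediately, without calling governance or the model.
        if opened_at is not None and self.clock() - opened_at < self.cooldown:
            raise GovernanceUnavailable(f"breaker open for {org_id}")
        try:
            allowed = self.evaluate(org_id, request)
        except Exception as exc:
            # Any governance error blocks the request; there is no bypass path.
            fails += 1
            opened = self.clock() if fails >= self.threshold else None
            self.state[org_id] = (fails, opened)
            raise GovernanceUnavailable(f"governance error for {org_id}") from exc
        self.state[org_id] = (0, None)  # a successful evaluation closes the breaker
        if not allowed:
            raise PermissionError("denied by policy")
        return run_model(request)
```

Because breaker state is keyed by `org_id`, an outage affecting one organization's evaluations does not block another's, and the model is only ever reached after a successful evaluation.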

Agent Security

Defense in depth for AI agent execution

Input Sanitization

All user messages are wrapped in delimiter tags before reaching the AI model, preventing prompt content from being interpreted as system instructions.

Injection Defense

A regex-based scanner evaluates all AI plans for known attack patterns: role overrides, "DAN" prompts, delimiter injection, and prompt extraction attempts. Matches are blocked before execution.
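An added sketch of the two controls above (delimiter wrapping of user input and regex scanning of plans). It is not renlyAI's code: the tag name, function names, and patterns are constructed for illustration. It also shows a detail the wrapping depends on: the input must be escaped so it cannot close the delimiter itself.

```python
import html
import re

TAG = "user_input"  # hypothetical delimiter tag name

# Constructed illustrative patterns, one per category named on the page.
PATTERNS = {
    "role_override": re.compile(
        r"\b(ignore|disregard)\s+(all\s+)?(previous|prior)\s+instructions\b", re.I),
    "dan_prompt": re.compile(r"(?i:\bdo anything now\b)|\bDAN\b"),
    "delimiter_injection": re.compile(rf"</?\s*{TAG}\b", re.I),
    "prompt_extraction": re.compile(
        r"\b(reveal|print|repeat)\s+(the\s+|your\s+)?system prompt\b", re.I),
}


def wrap_user_input(message):
    """Escape &, < and > so the message cannot emit its own closing tag, then wrap."""
    return f"<{TAG}>{html.escape(message, quote=False)}</{TAG}>"


def scan_plan(plan_text):
    """Return the sorted names of every pattern category found in a plan."""
    return sorted(name for name, rx in PATTERNS.items() if rx.search(plan_text))


def gate_plan(plan_text):
    """Block the plan before execution if any pattern matches."""
    hits = scan_plan(plan_text)
    return {"allowed": not hits, "matched": hits}
```

A regex list only catches phrasings it already knows, which is why the page pairs it with further evaluation tiers rather than relying on it alone.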

Three-Tier Policy Evaluation

Requests pass through static OPA rules (model blocklist, token limits), structural evaluation (regex/keyword matching), and semantic evaluation (LLM-powered analysis) before execution.

Human-in-the-Loop Escalation

When semantic evaluation confidence is below threshold, requests are escalated to human reviewers rather than auto-approved. No silent failures.

Control Matrix

How enterprises use these controls

| Security area | What teams get | Availability |
| --- | --- | --- |
| Credential protection | Encrypted handling of API keys and integration credentials. | Available in renlyAI runtime |
| Identity and access | Entra ID sign-in and role-scoped access controls for teams and organizations. | Available in renlyAI runtime |
| Action safety | Preview and explicit human approval before high-impact write actions. | Available in renlyAI runtime |
| Model governance | Provider controls, plan-based model access, and Enterprise BYOLLM options. | Available in renlyAI runtime |
| Audit and traceability | Every decision logged with correlation IDs linking request, evaluation, and outcome into one evidence chain. | Available in renlyAI runtime |
| Fail-closed enforcement | When governance services are unavailable, AI requests are blocked — never bypassed. | Enterprise |
| Tenant-scoped policies | Governance policies, evaluation results, and audit data are isolated per organization. No cross-tenant access. | Enterprise |
| Prompt injection defense | Delimiter-tagged input isolation and regex-based plan scanning for known injection patterns. | Available in renlyAI runtime |
| Rate limiting & quotas | Per-organization token quotas and circuit breakers to prevent resource exhaustion. | Available in renlyAI runtime |
| Agent execution boundaries | Agents operate within defined tool scopes. No self-authorized cross-system writes. | Available in renlyAI runtime |
| Extended governance | Dual-evaluation policy layers, human escalation, enterprise templates, and cloud-boundary semantic analysis. | Enterprise |

Enterprise Governance

Extended enterprise governance

renlyAI's Enterprise tier extends the platform with deeper policy layers and evidence workflows for organizations that need stricter governance operations.

Enterprise teams can combine renlyAI runtime controls with extended governance modules as requirements evolve across security, compliance, and operations.

FAQ

Security questions

How does renlyAI protect sensitive credentials?

renlyAI encrypts sensitive credentials with AES-256-GCM before storage and uses TLS for data in transit.

Can renlyAI write to connected systems without approval?

No. Write actions that can change connected systems are approval-gated and require explicit user confirmation before execution.

Does renlyAI support enterprise identity?

Yes. renlyAI supports Microsoft Entra ID sign-in and role-scoped access controls.

What additional governance does the Enterprise tier provide?

The Enterprise tier extends governance with additional policy layers, evidence workflows, and operational safeguards for stricter environments.

How does renlyAI defend against prompt injection?

User input is wrapped in delimiter tags to prevent prompt content from being treated as instructions. A regex scanner evaluates all AI-generated plans for known injection patterns before execution.

What happens if the governance service goes down?

AI requests are blocked. renlyAI implements fail-closed circuit breakers per organization. There is no fallback to uncontrolled execution.

Does renlyAI follow the OWASP Top 10 for Agentic Applications?

Yes. renlyAI's security layer addresses the OWASP Agentic Top 10 including prompt injection, excessive agency, sensitive data exposure, and denial of service.

Can one organization's failure affect another?

No. Circuit breakers are per-organization. A failure in one tenant's governance evaluation cannot cascade to other organizations.

Security built for enterprise AI operations

renlyAI combines practical runtime controls with governance options that can scale to stricter enterprise environments.