SAILLENT Documentation

The complete technical reference for deploying, configuring, and operating SAILLENT - the runtime security platform for AI agents, MCP servers, and LLM applications.

Overview

SAILLENT is a runtime security and governance platform for AI actions. We provide the critical infrastructure layer that sits between your AI applications and the models, tools, and data they access.

The Problem We Solve

Traditional security tools were not built for AI. Firewalls do not understand prompts. WAFs cannot detect prompt injection. SIEMs cannot track autonomous agent behavior. As enterprises deploy AI agents at scale, they face critical challenges:

  • No visibility into what AI agents are actually doing
  • No control over which tools agents can access
  • No audit trail for compliance and forensics
  • No protection against prompt injection and data leakage
  • No governance framework for AI security policies

The SAILLENT Solution

SAILLENT intercepts every AI action in real-time - whether it is a prompt to an LLM, a tool call via MCP, or an autonomous decision by an agent. We inspect, evaluate against policies, and enforce security controls before any action executes.

Key Capabilities: Real-time inspection, policy-based enforcement, complete audit trails, prompt injection detection, PII redaction, MCP authorization, and SIEM integration.

Who Uses SAILLENT?

  • Security Teams: Gain visibility and control over AI agent behavior
  • Compliance Officers: Meet SOC 2, HIPAA, GDPR, and regulatory requirements
  • AI Engineers: Deploy AI applications with confidence
  • CISOs: Govern AI usage across the enterprise

Architecture

SAILLENT operates as a runtime inspection layer with four core components working in concert to provide comprehensive AI security.

System Architecture Overview

The SAILLENT platform consists of a Control Plane for management and multiple Runtime Engines deployed at the edge for high-performance inspection.

1. Control Plane

The centralized management layer where you define policies, configure integrations, and monitor system health.

Key Functions:

  • Policy management and distribution
  • Integration configuration
  • System monitoring and health checks
  • Audit log aggregation
  • User and role management

2. Runtime Engine

Deployed at the edge, close to your AI applications. The Runtime Engine performs sub-millisecond inspection of every request and response.

Key Features:

  • High Performance: 140,000+ decisions per second
  • Low Latency: Sub-millisecond inspection time
  • High Availability: Can operate independently if Control Plane is unreachable
  • Scalable: Deploy multiple instances for load distribution

3. Policy Engine

Evaluates every AI action against your security policies. Policies are written in YAML and version-controlled via GitOps.

Capabilities:

  • Complex condition evaluation
  • Identity-based rules
  • Context-aware decisions
  • Risk scoring (0-100)
  • Policy priority and inheritance

4. Audit Engine

Records every decision with complete context for compliance and forensics.

What Gets Logged:

  • Timestamp and request ID
  • User identity and agent information
  • AI model and tool accessed
  • Prompt and response content (redacted if PII detected)
  • Policy evaluation details
  • Decision outcome and reasoning
  • Risk score and factors

Deployment Flexibility: SAILLENT supports multiple deployment modes including inline proxy, sidecar, and gateway configurations to fit your existing infrastructure.

Quick Start

Get SAILLENT up and running in under 5 minutes. This guide walks you through the basic installation and your first policy configuration.

Prerequisites

  • Docker 20.10 or later
  • At least 2GB RAM and 2 CPU cores
  • Network access to your AI applications

Step 1: Install SAILLENT

# Pull the latest SAILLENT image
docker pull saillent/runtime-engine:latest

# Start the runtime engine
docker run -d   --name saillent-engine   -p 8080:8080   -p 8443:8443   -e SAILLENT_API_KEY=your-api-key   -e SAILLENT_CONTROL_PLANE=https://control.saillent.com   saillent/runtime-engine:latest

Step 2: Verify Installation

# Check health endpoint
curl http://localhost:8080/health

# Expected response:
{"status": "healthy", "version": "1.0.0", "uptime": "5m"}

Step 3: Create Your First Policy

Create a file named block-pii.yaml:

policy: "block-pii-leakage"
description: "Block requests containing PII"
action: "block"
priority: 100
conditions:
  - type: "pii_detection"
    entities:
      - "SSN"
      - "CreditCard"
      - "EmailAddress"
enforcement: "block"
audit: true

Step 4: Deploy the Policy

# Upload policy via API
curl -X POST http://localhost:8080/api/v1/policies   -H "Authorization: Bearer your-api-key"   -H "Content-Type: application/yaml"   --data-binary @block-pii.yaml

# Verify policy is active
curl http://localhost:8080/api/v1/policies   -H "Authorization: Bearer your-api-key"

Next Steps: Explore the Installation Guides for production deployment options, or check out the Policy Engine documentation to learn about advanced policy features.

Installation: Docker

Docker is the recommended installation method for most deployments. This guide covers single-node and multi-node configurations.

System Requirements

ComponentMinimumRecommended
CPU2 cores4+ cores
Memory2 GB8+ GB
Disk10 GB50+ GB
Docker20.10+Latest stable

Basic Installation

# Pull the image
docker pull saillent/runtime-engine:latest

# Run with basic configuration
docker run -d   --name saillent-engine   -p 8080:8080   -p 8443:8443   -e SAILLENT_API_KEY=your-api-key   -e SAILLENT_CONTROL_PLANE=https://control.saillent.com   -e SAILLENT_LOG_LEVEL=info   saillent/runtime-engine:latest

Production Configuration

For production deployments, use a configuration file:

# Create config directory
mkdir -p /opt/saillent/config

# Run with configuration file mounted
docker run -d   --name saillent-engine   -p 8080:8080   -p 8443:8443   -p 9090:9090   -v /opt/saillent/config:/config   -e SAILLENT_API_KEY=your-api-key   -e SAILLENT_CONFIG_FILE=/config/engine.yaml   saillent/runtime-engine:latest

High Availability Setup

Deploy multiple instances behind a load balancer:

# Instance 1
docker run -d   --name saillent-engine-1   -p 8081:8080   -e SAILLENT_API_KEY=your-api-key   -e SAILLENT_INSTANCE_ID=engine-1   saillent/runtime-engine:latest

# Instance 2
docker run -d   --name saillent-engine-2   -p 8082:8080   -e SAILLENT_API_KEY=your-api-key   -e SAILLENT_INSTANCE_ID=engine-2   saillent/runtime-engine:latest

Policy Engine

The Policy Engine is the decision-making core of SAILLENT. It evaluates every AI action against your security policies and determines the appropriate enforcement action.

Policy Structure

Policies are written in YAML and consist of several key components:

  • Policy Name: Unique identifier for the policy
  • Description: Human-readable explanation of what the policy does
  • Action: What to do when conditions match (allow, block, redact, require-approval, log-only)
  • Priority: Numeric value determining evaluation order (higher = evaluated first)
  • Conditions: List of conditions that must be met for the policy to apply
  • Enforcement: How the action is applied

Policy Examples

Block PII Leakage

policy: "block-pii-leakage"
description: "Block requests containing sensitive PII"
action: "block"
priority: 100
conditions:
  - type: "pii_detection"
    entities:
      - "SSN"
      - "CreditCard"
      - "BankAccount"
enforcement: "block"
audit: true

Restrict Tool Access by Agent Type

policy: "restrict-database-access"
description: "Only internal agents can query production databases"
action: "block"
priority: 90
conditions:
  - tool: "postgres.query"
    database: "production"
    agent_type: "external"
enforcement: "block"
audit: true

Require Approval for High-Risk Actions

policy: "require-approval-high-risk"
description: "Require human approval for high-risk operations"
action: "require-approval"
priority: 80
conditions:
  - risk_score: ">= 80"
enforcement: "require-approval"
approval_timeout: "24h"
audit: true

Policy Evaluation Flow

When an AI action is intercepted, the Policy Engine follows this evaluation flow:

  1. Extract Context: Gather all relevant information (user, agent, tool, prompt, etc.)
  2. Calculate Risk Score: Assign a risk score (0-100) based on multiple factors
  3. Evaluate Policies: Check policies in priority order (highest first)
  4. Match Conditions: For each policy, evaluate if all conditions are met
  5. Determine Action: Apply the action from the first matching policy
  6. Enforce Decision: Execute the enforcement action (allow, block, redact, etc.)
  7. Log Decision: Record the complete decision in the audit log

Risk Scoring

Every AI action receives a risk score based on:

  • Sensitivity of Data: PII, financial data, credentials
  • Agent Identity: Internal vs external, trust level
  • Tool Sensitivity: Database access, file system, shell commands
  • Historical Behavior: Past violations or anomalies
  • Context: Time of day, location, session context

Best Practice: Start with log-only policies to understand your environment, then gradually move to enforcement actions as you gain confidence.

MCP Security

Model Context Protocol (MCP) enables AI agents to access tools and data sources. SAILLENT provides comprehensive security for MCP communications.

What is MCP?

MCP is a protocol that allows AI models to interact with external tools, databases, and services. It enables agents to:

  • Query databases
  • Access file systems
  • Call APIs
  • Execute commands
  • Retrieve data from SaaS applications

MCP Security Challenges

Without proper security, MCP introduces significant risks:

  • Unauthorized Tool Access: Agents may access tools they should not
  • Parameter Injection: Malicious parameters in tool calls
  • Data Exfiltration: Agents leaking sensitive data via tool responses
  • Privilege Escalation: Agents gaining unauthorized access levels

SAILLENT MCP Protection

SAILLENT intercepts all MCP communications and provides:

1. Tool Authorization

Control which tools each agent can access:

policy: "mcp-tool-authorization"
action: "allow"
conditions:
  - agent: "finance-assistant"
    allowed_tools:
      - "postgres.query"
      - "salesforce.read"
    denied_tools:
      - "shell.execute"
      - "filesystem.write"

2. Parameter Inspection

Inspect and validate all parameters in tool calls:

policy: "mcp-parameter-validation"
action: "block"
conditions:
  - tool: "postgres.query"
    parameters:
      - field: "query"
        pattern: "DROP|DELETE|TRUNCATE"
        action: "block"

3. Context Isolation

Ensure agents only access data relevant to their session:

policy: "mcp-context-isolation"
action: "allow"
conditions:
  - tool: "postgres.query"
    session_context: "enforce"
    allowed_tables: "session-scoped"

MCP Deployment Modes

SAILLENT supports multiple MCP deployment configurations:

  • Inline Proxy: SAILLENT sits between agent and MCP server
  • Sidecar: SAILLENT runs alongside each agent
  • Gateway: Centralized MCP gateway with SAILLENT inspection

Recommendation: Start with inline proxy mode for simplicity, then migrate to gateway mode for centralized management as your deployment scales.

LLM Security

Protect your LLM interactions from prompt injection, data leakage, and unsafe outputs.

LLM Security Threats

LLMs face unique security challenges:

  • Prompt Injection: Malicious prompts that manipulate model behavior
  • Jailbreaking: Attempts to bypass safety controls
  • Data Leakage: Sensitive information in prompts or responses
  • Toxic Outputs: Harmful or inappropriate model responses

Prompt Injection Detection

SAILLENT detects and blocks prompt injection attempts:

policy: "block-prompt-injection"
action: "block"
priority: 95
conditions:
  - type: "prompt_injection_detection"
    patterns:
      - "ignore previous instructions"
      - "you are now"
      - "disregard all prior"
enforcement: "block"
audit: true

PII Redaction

Automatically redact sensitive information from prompts and responses:

policy: "redact-pii"
action: "redact"
priority: 90
conditions:
  - type: "pii_detection"
    entities:
      - "SSN"
      - "CreditCard"
      - "EmailAddress"
      - "PhoneNumber"
enforcement: "redact"
redaction_pattern: "[REDACTED]"
audit: true

Supported LLM Providers

SAILLENT integrates with all major LLM providers:

  • OpenAI (GPT-4, GPT-3.5)
  • Anthropic (Claude)
  • Azure OpenAI
  • AWS Bedrock
  • Google Vertex AI
  • Cohere
  • Mistral

Tip: Enable both prompt injection detection and PII redaction for comprehensive LLM security. These policies work together to protect both inputs and outputs.

API Reference

SAILLENT provides a comprehensive REST API for managing policies, retrieving audit logs, and monitoring system health.

Base URL

https://your-instance.saillent.com/api/v1

Authentication

All API requests require authentication using an API key:

Authorization: Bearer your-api-key

Common Endpoints

Health Check

GET /health

# Response:
{
  "status": "healthy",
  "version": "1.0.0",
  "uptime": "5d 12h 30m"
}

List Policies

GET /policies

# Response:
{
  "policies": [
    {
      "name": "block-pii-leakage",
      "action": "block",
      "priority": 100,
      "enabled": true
    }
  ]
}

Create Policy

POST /policies
Content-Type: application/yaml

# Request body: YAML policy definition

Get Audit Logs

GET /audit/logs?limit=100&offset=0

# Response:
{
  "logs": [
    {
      "timestamp": "2026-07-10T14:23:45Z",
      "request_id": "req_18f72c9",
      "agent": "finance-assistant",
      "tool": "postgres.query",
      "decision": "blocked",
      "reason": "PII detected",
      "risk_score": 95
    }
  ]
}

Rate Limiting

API requests are rate-limited to:

  • 1000 requests per minute per API key
  • 10000 requests per hour per API key

Note: For high-volume use cases, contact sales for increased rate limits.

Troubleshooting

Common issues and their solutions.

Engine Won't Start

Symptom: Docker container exits immediately

Solution:

  • Check logs: docker logs saillent-engine
  • Verify API key is correct
  • Ensure Control Plane URL is reachable
  • Check port availability (8080, 8443)

Policies Not Applying

Symptom: Requests are not being blocked/allowed as expected

Solution:

  • Verify policy is enabled: GET /api/v1/policies
  • Check policy priority (higher priority = evaluated first)
  • Review conditions - ensure they match the request context
  • Check audit logs for policy evaluation details

High Latency

Symptom: Requests are slow

Solution:

  • Check network latency to Control Plane
  • Reduce number of active policies
  • Optimize policy conditions (avoid complex regex)
  • Scale horizontally by adding more engine instances

Connection Lost to Control Plane

Symptom: Engine reports "Control Plane unreachable"

Solution:

  • Engine will continue operating with cached policies
  • Check network connectivity
  • Verify Control Plane URL and API key
  • Engine will automatically reconnect when available

Need Help? Contact support at [email protected] or check the FAQ section.