What is Highflame
Highflame — security infrastructure for AI agents. Runtime guardrails with sub-10ms latency, Cedar policy enforcement, agent identity, and adversarial red teaming.
Highflame is security infrastructure for AI agents and autonomous systems. It provides a shared control plane for defining what agents are allowed to do, enforcing those rules at runtime, observing behavior across products and environments, testing systems adversarially, and producing an audit trail for what happened.
If your organization is deploying agents that call tools, connect to MCP servers, modify code, invoke APIs, or operate across long-running workflows, Highflame is the layer that makes that autonomy safe to ship.
What Highflame Does
Highflame secures AI systems across four responsibilities:
Discover — AI applications, agents, MCP servers, models, tools, and usage patterns across the organization. Understand where autonomy is running and where risk is accumulating.
Govern — AI behavior with typed Cedar policy, identity-aware controls, scoped permissions, and runtime guardrails. Shared enforcement across applications, agents, and platforms.
Monitor — AI traffic and runtime decisions through distributed traces, threat telemetry, session-aware observability, and audit-ready records.
Protect — AI systems with inline threat detection, tool and workflow enforcement, adversarial red teaming, and model supply chain validation.
Technical Architecture
Studio
Dashboards, Policy Management, Playground, Operator UX
Configuration and visibility
Observatory
ClickHouse, Collector Pipeline, Traces, Events
Observability and audit
Products
Guardrails, Code Agents (Overwatch), MCP Gateway, Browser Security (Sentry), Red Team, Palisade
User-facing integration surfaces
Shield
Tiered Detection: built-in (secrets, PII, injection) → ML (Raudra, toxicity, hallucination, GRU) → Cloud (DLP, ModelArmor, CheckPhish) + BYOD webhooks
Runtime threat detection
Cedar Engine
Per-service schemas (5), explain and debug modes, context projection
Policy evaluation
Core
Policy packages, Taxonomy, Identity (ZeroID), Authorization, Tenancy
Platform foundation
Detection — 25+ built-in detectors (sub-5ms), ML classifiers (10-200ms), and cloud APIs (50-500ms). Detectors declare their output keys; the projection layer normalizes them into stable semantic context for Cedar.
Policy — Cedar policies read projected context and emit permit/deny. Deny always wins. Five service-specific schemas (Guardrails, Overwatch, Sentry, MCP Gateway, Palisade) with typed actions, entities, and context attributes. The same policy framework governs MCP tool calls, IDE file operations, and Shield API evaluations.
Observability — Every evaluation produces a trace with latency breakdowns, detector results, Cedar decisions, and session state. OpenTelemetry-native. Feeds into Observatory for threat dashboards, session analysis, and command center.
Product Surfaces
Highflame is a platform, not a single-point solution. Product surfaces share the same detection, policy, and observability layers:
Guardrails
LLM prompts, tool calls, model responses, files
SDK (Python, TypeScript, Rust) or REST API
Code Agents
IDE agents — Cursor, Claude Code
VS Code / JetBrains extension
MCP Gateway
MCP server connections, tool calls, resource access
HTTP proxy or SDK
Browser Security
AI chat in browsers — ChatGPT, Gemini, Claude
Browser extension
Red Team
Agent, prompt, and workflow vulnerability testing
Studio UI or API
Palisade
ML model artifacts — safetensors, GGUF, pickle, ONNX
CI/CD (GitHub Actions, Azure DevOps)
Framework Coverage
Detections, policies, and findings map to industry security frameworks:
OWASP LLM Top 10
Prompt injection, data leakage, tool misuse, model DoS, insecure output handling
OWASP MCP Top 10
Tool poisoning, server impersonation, cross-origin escalation, rug pull
MITRE ATLAS
Adversarial ML techniques mapped to detection signals and red team categories
NIST AI RMF
Risk measurement, governance controls, audit evidence, compliance reporting
Who This Is For
Developers integrating guardrails into AI applications
Security engineers defining policies and controls
For Security Teams
Platform engineers managing multi-team rollout
Red team practitioners testing for vulnerabilities
DevOps deploying Highflame infrastructure
Deployment Guides
Last updated