Why Starfort: the AI risk hierarchy
Starfort exists because AI risk is not one undifferentiated problem. It ranks into three tiers, and each tier is handled differently — this ordering is what justifies “enforce centrally, optimize locally.”| Priority | Risk | Examples | How it is handled |
|---|---|---|---|
| 1st | AI Security risk | PII / secret leakage, jailbreak, prompt injection | Non-negotiable — enforced centrally |
| 2nd | AI Regulatory risk | national AI law, domain rules (finance, healthcare), internal policy | Mandatory — central guidance + per-domain application |
| 3rd | AI Service risk | hallucination, quality, user experience | Quality improvement — autonomous optimization allowed |
How Starfort is used
There are three entry points, each providing a different level of control. They share the same Guardian engine and policies.API — service level
Internal/external services (backends, chatbots) embed guardrails by calling the Guard API before/after their model.
Desktop Agent — device level
Employees use everyday AI tools while the Desktop Agent (Windows) transparently enforces policy on the endpoint.
Proxy Server — infrastructure level
AI calls made at an external service’s server-side entry point are routed through Starfort.
What Guardian does to a request
Every piece of content is evaluated against your Guard Policies and assigned an action. The action set depends on the policy type:PASS
Content is allowed through unchanged.
MASK
Sensitive spans are replaced with tokens (e.g.
[PHONE_NUMBER_1]) — PII policies.BLOCK
The request is stopped before it reaches the AI service.
Core ideas
Guardian
The engine that inspects content and decides the action.
Guard Policy
The PII and Topic rules a Guardian enforces.
Organization hierarchy
Company › Organization › Project, and how Guardians attach to projects.
Glossary
Definitions for every Starfort term used in these docs.
What’s new in v1.3
- Forge — test your policies before they meet traffic — register a Test Dataset (inputs paired with expected verdicts) per Project Guardian, run Experiments against chosen policy versions, and measure PASS / MASK / BLOCK accuracy. Failed cases point you to the policy fix; a re-run confirms it. See Test policies (Forge).
- Opticon Fail-Safe (Fail-Open / Fail-Closed) — each project can now choose what happens when a Guard verdict is rendered but its audit trace ultimately can’t be recorded: return it as before (Fail-Open, the default) or block the request (Fail-Closed), closing the audit gap for compliance-critical operations. See Monitor traces (Opticon).
This documentation covers Starfort v1.3. Product names — Starfort, Guardian, Guard Policy, Guard API, Opticon, Control Profile — are kept in English across all languages.