DEV Community

Matheus Delgado

LLMs Don’t Have a Security Layer — So I Built One

Over the last year, companies have started connecting LLMs to real users, real data and real systems. That’s when I realised something important:

LLMs don’t come with a security layer.

Once you expose an LLM to the real world, you also expose yourself to:

  • prompt injection
  • phishing & social-engineering via LLM
  • data exfiltration
  • PII leakage
  • unsafe or non-compliant outputs
  • zero auditability

And unlike traditional input validation, LLM attacks are linguistic — meaning you’re not filtering SQL or JSON… you’re filtering natural language.

So I built a Zero-Trust Security Gateway for LLMs

Instead of calling the model directly, requests flow through:

  1. Client
  2. Firewall & risk detection
  3. Prompt normalization & rewriting
  4. Policy enforcement
  5. Inbound data protection (masking)
  6. LLM
  7. Outbound protection (redaction)
  8. Response governance filter
  9. Audit logging

This runs as a gateway, so teams can deploy it inside their own infrastructure — without sending data to yet another SaaS.

Real-world risks I’m seeing

  1. Prompt injection
    Users convince the model to ignore your instructions.

  2. Phishing & social engineering
    LLM becomes the attack channel itself.

  3. Data leakage
    Models happily return internal or sensitive information.

What this gateway actually does

  • detect malicious or risky instructions
  • detect phishing & deception
  • normalize & rewrite prompts safely
  • enforce policy rules
  • mask & protect sensitive data
  • block unsafe outputs
  • log every decision

None of this is a silver bullet — the goal is to reduce risk in production environments.

Example: blocking a phishing-style response
If the model attempts to request credentials or send a malicious link, the gateway blocks or rewrites it — and logs the decision so it is auditable later.
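To make the pipeline above and this phishing example concrete, here is a small added sketch in Python of three stages (inbound masking, outbound link redaction, response governance) plus the audit trail. It is not the gateway's own code: the regex patterns, the host allow-list and the `Gateway`/`handle` names are my assumptions, standing in for whatever classifiers the real product uses.

```python
import re
from dataclasses import dataclass, field
from typing import Callable

# Constructed patterns (my assumptions, not the product's rule set).
PII_PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"),
    "CARD": re.compile(r"\b(?:\d[ -]?){13,16}\b"),
}
# A reply that asks for secrets, or links off the allow-list, is phishing-style.
CREDENTIAL_REQUEST = re.compile(r"\b(password|one-time code|2fa code|ssn)\b", re.I)
URL = re.compile(r"https?://\S+", re.I)
ALLOWED_HOSTS = {"docs.example.com"}  # constructed allow-list

@dataclass
class Gateway:
    model: Callable[[str], str]                 # the LLM call being wrapped
    audit: list = field(default_factory=list)   # (stage, action, detail) tuples

    def _log(self, stage, action, detail=""):
        self.audit.append((stage, action, detail))

    def mask_inbound(self, prompt: str) -> str:
        # Inbound data protection: PII is replaced before the model sees it.
        for label, pat in PII_PATTERNS.items():
            prompt, n = pat.subn(f"[{label}]", prompt)
            if n:
                self._log("inbound_masking", "rewrite", f"{n} {label}")
        return prompt

    def govern_outbound(self, reply: str) -> str:
        # Response governance: a credential request is blocked outright.
        if CREDENTIAL_REQUEST.search(reply):
            self._log("response_governance", "block", "credential request")
            return "[blocked: response asked for credentials]"
        # Outbound redaction: links whose host is not allow-listed are removed.
        removed = 0
        def redact(m):
            nonlocal removed
            host = m.group(0).split("/")[2].lower()
            if host in ALLOWED_HOSTS:
                return m.group(0)
            removed += 1
            return "[link removed]"
        reply = URL.sub(redact, reply)
        self._log("outbound_redaction", "rewrite" if removed else "allow", f"{removed} removed")
        return reply

    def handle(self, prompt: str) -> str:
        return self.govern_outbound(self.model(self.mask_inbound(prompt)))
```

The fixed regexes are only placeholders for real detectors; the point is that every stage records a decision, so the audit list can be replayed later to explain why a reply was masked, rewritten or blocked.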

Why self-hosted?
Many companies don’t want another SaaS handling sensitive data.
So the gateway runs via Docker in your own infra — the license only validates usage.

I’d love feedback
This is still evolving. If you’re working with LLMs in a serious environment (security, compliance, healthcare, finance, SaaS), I’d really value your input.

Demo & docs: https://llmsafe.cloud

Happy to answer questions or discuss real-world attack scenarios.
