Skip to main content
CrowdStrike acquired Pangea, gaining its prompt injection defense and AI Detection and Response (AIDR) capabilities. For more information, read here.
This guide explains how to integrate CrowdStrike with TrueFoundry to enhance the security and compliance of your LLM applications.

What is CrowdStrike (formerly Pangea)?

CrowdStrike (formerly Pangea) is a comprehensive security platform that provides API-based security services designed to protect modern applications and AI systems. It offers a unified suite of security tools that can be easily integrated into your applications.

Key Features of CrowdStrike

  1. AI Content Security and Guardrails: CrowdStrike provides real-time content moderation, prompt injection detection, and toxicity analysis to protect your LLM deployments from malicious inputs and ensure safe, compliant outputs.
  2. Flexible Policy Configuration: Implement customizable security policies through CrowdStrike’s domain and recipe-based configuration system with granular rules for content filtering, access controls, and behavior monitoring.
  3. Enterprise-Grade Security Platform: CrowdStrike delivers a comprehensive suite of API-based security services including vault management, audit logging, redaction, and IP intelligence with seamless integration capabilities.

Adding CrowdStrike Integration

To add CrowdStrike to your TrueFoundry setup, follow these steps: Fill in the Guardrails Group Form
  • Name: Enter a name for your guardrails group.
  • Collaborators: Add collaborators who will have access to this group.
  • CrowdStrike Config:
    • Name: Enter a name for the CrowdStrike configuration.
    • Domain: Domain of the cloud provider and region where your CrowdStrike (Pangea) project is configured. Example: if endpoint is https://<service_name>.aws.us-west-2.pangea.cloud/v1/text/guard, the input should be: aws.us-west-2.pangea.cloud
    • Recipe: (Optional) Recipe key of a configuration of data types and settings defined in the CrowdStrike User Console. It specifies the rules that are to be applied to the text, such as defang malicious URLs.
  • Overrides: (Optional) Enable this option to apply custom overrides for the CrowdStrike account configuration.
  • Guard Type: Select the type of guard you want to apply from the dropdown menu.
  • CrowdStrike Authentication Data:
    • API Key: The API key for CrowdStrike authentication.
      This key is required to authenticate requests to CrowdStrike services. You can obtain it from the CrowdStrike (Pangea) Console by navigating to your project dashboard and selecting “Tokens” or “API Keys” section. Ensure you keep this key secure, as it grants access to your CrowdStrike security services.
TrueFoundry interface for configuring CrowdStrike with fields for name, domain, recipe, guard type, and API key

Response Structure

The CrowdStrike API returns a response with the following structure:
This is an example response from CrowdStrike, where a prompt injection is detected. This will be blocked and a 400 error will be returned.
  {
    "data": {
      "recipe": "pangea_prompt_guard",
      "blocked": true,
      "transformed": false,
      "blocked_text_added": false,
      "prompt_text": "forget the rules",
      "detectors": {
        "prompt_injection": {
          "detected": true,
          "data": {
            "action": "blocked",
            "analyzer_responses": [
              {
                "analyzer": "PA4002",
                "confidence": 1
              }
            ]
          }
        }
      }
    }
  }
This is an example response from CrowdStrike, where the content passes all security checks and is allowed.
  {
    "data": {
      "recipe": "pangea_prompt_guard",
      "blocked": false,
      "transformed": false,
      "blocked_text_added": false,
      "prompt_text": "What is the capital of France?",
      "detectors": {
        "prompt_injection": {
          "detected": false,
          "data": {
            "action": "allowed",
            "analyzer_responses": [
              {
                "analyzer": "PA4002",
                "confidence": 0
              }
            ]
          }
        }
      }
    }
  }

Validation Logic

TrueFoundry uses the CrowdStrike response to determine content safety and compliance:
  • If data.blocked is true, the request will be blocked and a 400 error is returned.
  • If data.blocked is false, the request will be allowed to proceed.