What is Model Armor?
Model Armor is a model-agnostic AI security service from Google Cloud that screens prompts and responses from large language models (LLMs) and AI agents in real time. The service detects prompt injection, jailbreak attempts, sensitive data leakage, malicious URLs, and unsafe content. This secures the growing attack surface around generative AI without requiring changes to the models themselves.
Model Armor protects any LLM, including Gemini, OpenAI, Anthropic, and Llama, through a REST API that works independently of cloud and infrastructure. Alternatively, you connect the service through no-code inline integration with Google Cloud components such as Vertex AI, GKE, Apigee, or the Agent Platform. As a result, the AI security provided by Model Armor covers both standalone applications and complex agent architectures.
Core Capabilities
- Prompt injection and jailbreak detection: Model Armor scans prompts and responses for content designed to bypass or manipulate safety mechanisms.
- Sensitive Data Protection: Through its integration with Sensitive Data Protection, the service detects and de-identifies sensitive data such as credit card numbers, financial accounts, and Google Cloud credentials.
- Responsible AI filters and URL screening: Filters enabled by default detect hate speech, harassment, sexually explicit and dangerous content, and CSAM. In addition, Model Armor screens the first 40 URLs per request for malicious links.
- Document screening and language support: The service screens files such as PDF, Word, Excel, PowerPoint, CSV, and text up to 4 MB and is tested across nine languages, including English, German, French, and Spanish.
Common Use Cases
Protecting LLM applications: Applications with user input from untrusted sources place Model Armor between input and model to defend against prompt injection and jailbreaks.
Preventing data leakage: Before a response reaches the user, Model Armor screens it for sensitive data and de-identifies PII, credentials, or financial data.
Securing AI agents: For autonomous agents that call tools and take actions, Model Armor screens inputs and outputs and reduces the risk of manipulated instructions.
Benefits
- Model-agnostic through a REST API, therefore independent of provider, cloud, and infrastructure
- Two modes (inspect only or inspect and block) for staged rollout without production risk
- Data residency in EU regions and through an EU multi-region endpoint
Integration with innFactory
As a certified Google Cloud Partner, innFactory supports you with the adoption and operation of this service.
Typical Use Cases
Frequently Asked Questions
What is Model Armor?
Model Armor is a model-agnostic AI security service from Google Cloud. It screens prompts and responses from LLMs and AI agents for prompt injection, jailbreaks, sensitive data, malicious URLs, and unsafe content. You connect it through a REST API or through native integrations with Google Cloud services.
When should I use Model Armor?
Use Model Armor when you run LLM-based applications, chatbots, or autonomous agents in production and need to secure both inputs and outputs. Typical scenarios involve user input from untrusted sources, access to sensitive data, or compliance requirements for content screening.
How much does Model Armor cost?
Standalone, up to 2 million tokens per month are free, after which it costs 0.10 USD per million tokens. Model Armor is also included in the Security Command Center Premium and Enterprise tiers.
Does Model Armor work with any LLM and in the EU?
Yes. Model Armor is model-agnostic and protects models such as Gemini, OpenAI, Anthropic, and Llama through a REST API, independent of cloud or infrastructure. For data residency, EU regions and an EU multi-region endpoint are available.
