Use mutual TLS (mTLS) or OAuth2 scoped tokens for services communicating with AI models to prevent unauthorized service access and lateral movement.

Restrict who can modify critical model parameters such as temperature, top_p, or system prompts.

Use a dedicated moderation or classification model to analyze user prompts before sending them to the main LLM.

Force the model to produce structured responses using strict schemas such as JSON to prevent arbitrary output execution.

Limit the number of requests and token usage per user to prevent denial-of-service attacks and financial abuse.

Return generic error messages to users while logging detailed errors internally to prevent information leakage.

Configure Web Application Firewalls with rules specifically designed to detect AI prompt attacks.

Separate user inputs from system instructions using delimiters or XML-style tags.

Restrict which tools an AI agent can access and define strict execution policies.

Secure API keys used by AI applications to prevent unauthorized access.

Prevent attackers from pushing system prompts out of the context window using extremely long prompts.

Scan generated responses to prevent leakage of sensitive data or harmful content.