AI Firewall
An AI Firewall is a software layer that detects and redacts sensitive data — PII, PHI, trade secrets, or custom entity types — from a prompt before it leaves your network boundary and reaches any AI model.
Plain-language definitions of the terms that come up in every legal, biotech, and defense AI conversation — written for the buyer who has to defend the decision, not just sign the PO.
A BAA is the HIPAA-required contract between a covered entity (or another business associate) and a vendor that will create, receive, maintain, or transmit protected health information on the covered entity's behalf.
BYO cloud is a deployment model where a SaaS vendor's software runs inside the customer's own cloud account — typically AWS, Azure, or GCP — rather than in the vendor's tenancy.
CUI is information the US Government creates or possesses, or that an entity creates or possesses for the Government, that requires safeguarding consistent with the law and policies cataloged in 32 CFR Part 2002.
A frontier model is a large language model at the current capability ceiling — typically the flagship release from a major lab such as OpenAI, Anthropic, Google DeepMind, Meta, Mistral, or xAI.
An ITAR-compliant AI deployment processes International Traffic in Arms Regulations data on infrastructure that is owned, operated, and physically located inside the United States and accessed only by US persons.
Model disagreement is when two or more frontier AI models give materially different answers to the same prompt. It is the strongest available signal that a claim is contested, uncertain, or context-dependent.
Multi-model AI is the practice of running the same prompt across two or more frontier models from different providers — and comparing the answers — rather than committing to one vendor's model.
Prompt-time PII redaction is the removal or substitution of personally identifiable information from an AI prompt before it leaves the user's network, so the model and its provider never receive the original values.
A prompt-level audit log records every prompt sent to an AI model, the user who sent it, the model that received it, the response returned, and any AI Firewall actions applied — at the granularity of a single request.
Retrieval-augmented generation is a pattern in which a language model is given relevant document excerpts at query time — retrieved from a vector store, search index, or knowledge base — and instructed to answer using that material.
Shadow AI is the unauthorized use of consumer AI tools — typically ChatGPT, Claude, or Gemini on personal accounts — by employees handling work that includes sensitive company or customer data.
Sovereign compute is AI infrastructure where the hardware, network, and operational staff all sit inside a single jurisdiction's legal control — typically dedicated bare-metal servers in a domestically owned and operated data center.
SSO (single sign-on) and SCIM (System for Cross-domain Identity Management) are the identity-provider integrations that let an enterprise manage AI workspace access through its existing IdP — Okta, Azure AD, Google Workspace, OneLogin.
Substitution and reconstitution is the technique of replacing sensitive values in a prompt with reversible tokens before transmission, then restoring the original values in the model's response on the return path.
The Tokyo Test is a demonstration that frontier AI models routinely disagree on questions of fact. The same prompt is run across multiple models simultaneously, and the user sees that the answers diverge.