LLM SECURITY FRAMEWORK — OPEN CORE
LLM Security.
Engineered.
Evidenced.
The only framework that handles the complete attack → judge → patch → validate → evidence lifecycle in a single orchestrated system.
$ redthread run pipeline --model ollama/llama3.1 \
--attack jailbreak,pii --judge gpt-4o \
--evidence --out ./reports/run-001
● PIPELINE COMPLETE — 37 checks passed. Evidence emitted.
5-phase
End-to-end lifecycle
CI/CD
Native pipeline gates
SOC 2
Compliance artifacts
02 / THE PROBLEM
Ad-hoc red-teaming doesn't satisfy auditors.
Security and compliance teams lack structured, auditable evidence that LLM systems have been adversarially tested before production. Existing tools — Garak, PyRIT standalone, PromptFoo — handle one step. None produce the chain-of-custody artifacts that SOC 2, NIST AI RMF, or the EU AI Act demand.
ONE-SHOT
Manual red-teaming runs produce no repeatable audit trail.
FRAGMENTED
Separate tools for attack, evaluation, and patching with no shared state.
NO EVIDENCE
GRC teams have nothing to present when auditors ask for proof.
03 / THE PIPELINE
Five phases. One orchestrated system.
Built on LangGraph and PyRIT. Supports local models via Ollama and all frontier providers.
Generate adversarial prompts — jailbreaks, PII extraction, prompt injection, OWASP Top 10 for LLMs. Configurable attack libraries with custom extensions.
Multi-model judge agents score each attack response for risk severity, category, and confidence. Configurable thresholds trigger downstream gates.
Automatically synthesize guardrail candidates — input filters, output validators, and system-prompt patches — scoped to the attack category.
Sandbox and replay attacks against patched models. Regression-check existing evaluations. Block promotion if thresholds are not met.
Emit signed, timestamped evidence reports in JSON and PDF. Each artifact maps findings to SOC 2, NIST AI RMF, and EU AI Act controls.
04 / OPEN CORE
Start free. Scale to compliance.
Open Source
Free forever
Full CLI. The complete attack → evidence pipeline for engineers who want to run local and frontier model security evaluations without friction.
- Full CLI and LangGraph pipeline
- Local models via Ollama
- Frontier model support
- Attack generation library
- Judge agent evaluation
- Guardrail synthesis
- CI/CD gates (GitHub Actions, GitLab CI)
- JSON evidence output
- Community support
Enterprise
Contact us
Managed orchestration, centralized audit infrastructure, signed compliance artifacts, and SLA-backed support for Fortune 500 teams under regulatory obligation.
- Everything in Open Source
- Managed cloud orchestration
- Centralized audit trail
- Signed evidence reports (PDF + JSON)
- Compliance export: SOC 2, NIST AI RMF
- EU AI Act artifact templates
- SSO / RBAC
- Proprietary & updated attack libraries
- SLA-backed support
05 / COMPLIANCE
Evidence auditors can rely on.
Every pipeline run produces a signed, timestamped evidence package. Artifacts map findings to specific regulatory controls so your GRC team can present proof, not promises.
Maps attack categories and judge scores to Common Criteria. Emits timestamped evidence artifacts for CC6 and CC7 controls.
Covers GOVERN, MAP, MEASURE, and MANAGE functions. Evidence reports reference the framework profile and include drift indices.
Supports high-risk AI system documentation requirements. Produces conformity assessment artifacts aligned to Annex IV.
06 / GET STARTED