01 / INTRO

LLM SECURITY FRAMEWORK — OPEN CORE

LLM Security.
Engineered.
Evidenced.

The only framework that handles the complete attack → judge → patch → validate → evidence lifecycle in a single orchestrated system.

$ redthread run pipeline --model ollama/llama3.1 \

--attack jailbreak,pii --judge gpt-4o \

--evidence --out ./reports/run-001

● PIPELINE COMPLETE — 37 checks passed. Evidence emitted.

5-phase

End-to-end lifecycle

CI/CD

Native pipeline gates

SOC 2

Compliance artifacts

02 / THE PROBLEM

Ad-hoc red-teaming doesn't satisfy auditors.

Security and compliance teams lack structured, auditable evidence that LLM systems have been adversarially tested before production. Existing tools — Garak, PyRIT standalone, PromptFoo — handle one step. None produce the chain-of-custody artifacts that SOC 2, NIST AI RMF, or the EU AI Act demand.

ONE-SHOT

Manual red-teaming runs produce no repeatable audit trail.

FRAGMENTED

Separate tools for attack, evaluation, and patching with no shared state.

NO EVIDENCE

GRC teams have nothing to present when auditors ask for proof.

03 / THE PIPELINE

Five phases. One orchestrated system.

Built on LangGraph and PyRIT. Supports local models via Ollama and all frontier providers.

01ATTACK
02JUDGE
03PATCH
04VALIDATE
05EVIDENCE
ATTACK

Generate adversarial prompts — jailbreaks, PII extraction, prompt injection, OWASP Top 10 for LLMs. Configurable attack libraries with custom extensions.

JUDGE

Multi-model judge agents score each attack response for risk severity, category, and confidence. Configurable thresholds trigger downstream gates.

PATCH

Automatically synthesize guardrail candidates — input filters, output validators, and system-prompt patches — scoped to the attack category.

VALIDATE

Sandbox and replay attacks against patched models. Regression-check existing evaluations. Block promotion if thresholds are not met.

EVIDENCE

Emit signed, timestamped evidence reports in JSON and PDF. Each artifact maps findings to SOC 2, NIST AI RMF, and EU AI Act controls.

PASS — COMPLIANT

04 / OPEN CORE

Start free. Scale to compliance.

FREE

Open Source

Free forever

Full CLI. The complete attack → evidence pipeline for engineers who want to run local and frontier model security evaluations without friction.

  • Full CLI and LangGraph pipeline
  • Local models via Ollama
  • Frontier model support
  • Attack generation library
  • Judge agent evaluation
  • Guardrail synthesis
  • CI/CD gates (GitHub Actions, GitLab CI)
  • JSON evidence output
  • Community support
Get started on GitHub
ENTERPRISE

Enterprise

Contact us

Managed orchestration, centralized audit infrastructure, signed compliance artifacts, and SLA-backed support for Fortune 500 teams under regulatory obligation.

  • Everything in Open Source
  • Managed cloud orchestration
  • Centralized audit trail
  • Signed evidence reports (PDF + JSON)
  • Compliance export: SOC 2, NIST AI RMF
  • EU AI Act artifact templates
  • SSO / RBAC
  • Proprietary & updated attack libraries
  • SLA-backed support
Contact sales →

05 / COMPLIANCE

Evidence auditors can rely on.

Every pipeline run produces a signed, timestamped evidence package. Artifacts map findings to specific regulatory controls so your GRC team can present proof, not promises.

SOC 2 Type II

Maps attack categories and judge scores to Common Criteria. Emits timestamped evidence artifacts for CC6 and CC7 controls.

NIST AI RMF

Covers GOVERN, MAP, MEASURE, and MANAGE functions. Evidence reports reference the framework profile and include drift indices.

EU AI Act

Supports high-risk AI system documentation requirements. Produces conformity assessment artifacts aligned to Annex IV.

06 / GET STARTED

Security is a process. Not a checkbox.

Start Free on GitHub Contact Enterprise Sales →