Policy Categories

Containment.AI organizes policies into categories for easier management. Each category addresses a specific area of AI governance.

Data Loss Prevention

Policies that prevent sensitive organizational data from being shared with AI platforms.

Detects confidential documents, internal reports, and proprietary data
Blocks sharing of classified or restricted content
Monitors for bulk data extraction patterns
Default: Block

PII Detection

Policies that detect personally identifiable information.

Social Security Numbers (XXX-XX-XXXX patterns with checksum validation)
Credit card numbers (Visa, Mastercard, Amex with Luhn validation)
Phone numbers (US and international formats)
Email addresses
Physical addresses
Dates of birth
Default: Block for high-sensitivity PII, Detect for lower-sensitivity

Prompt Injection

Policies that detect and prevent prompt injection attacks against AI systems.

Identifies attempts to override system prompts
Detects jailbreak-adjacent injection patterns
Monitors for encoded or obfuscated injection attempts
Default: Block

Jailbreak Detection

Policies that detect attempts to bypass AI safety measures.

Identifies known jailbreak patterns and techniques
Detects role-play based bypass attempts
Monitors for evolving jailbreak methodologies
Default: Block

Toxicity & Content

Policies that detect toxic, harmful, or inappropriate content.

Identifies hate speech and discriminatory language
Detects threats and violent content
Monitors for harassment patterns
Default: Detect

Compliance

Policies aligned with specific regulatory frameworks.

HIPAA - Protected health information
SOC 2 - Security and availability controls
GDPR - Personal data protection
PCI DSS - Payment card data
Default: Varies by regulation

SQL Injection

Policies that detect SQL injection patterns in AI interactions.

Identifies SQL query fragments in prompts
Detects common injection patterns
Prevents leaking of database structures
Default: Block

XSS Prevention

Policies that detect cross-site scripting patterns.

Identifies script injection in AI-generated content
Detects HTML/JavaScript injection patterns
Monitors for encoded XSS payloads
Default: Block

URL Filtering

Policies that control URLs shared with or generated by AI.

Blocks known malicious URLs
Detects phishing URL patterns
Monitors for internal URL leakage
Default: Detect

Code Detection

Policies protecting proprietary code and intellectual property.

Detects source code snippets (function definitions, class structures)
Identifies internal documentation markers ("Confidential", "Internal only")
Monitors for repository paths and project identifiers
Default: Detect

Content Moderation

Policies for general content quality and appropriateness.

Ensures AI-generated content meets organizational standards
Detects inappropriate or off-topic usage
Monitors content for brand safety
Default: Detect

Formatting

Policies that enforce output formatting standards.

Validates AI response formatting
Ensures consistent output structure
Monitors for formatting anomalies
Default: Detect

Copyright & Licensing

Policies that detect copyrighted or licensed content.

Identifies copyrighted text passages
Detects licensed code snippets
Monitors for trademark usage
Default: Detect

Budget Governance

Policies that monitor and control AI spending.

Tracks token usage against budgets
Alerts on unusual spending patterns
Enforces per-user or per-team limits
Default: Detect

Behavioral Analytics

Policies that analyze user behavior patterns with AI.

Identifies unusual usage patterns
Detects anomalous interaction volumes
Monitors for suspicious behavior sequences
Default: Detect

Custom

Professional

Professional and Enterprise plans can create custom policies:

Creating Custom Policies

Go to Policies
Click Create Policy
Select a template or start from scratch
Configure detection rules and enforcement action
Save and enable

Custom Policy Templates

Keyword Match - Match specific words or phrases
Pattern Match - Regex-based detection
Data Type - Structured data format detection
Blank - Build from scratch

Category Settings

Each category supports:

Bulk Actions

Enable/disable all policies in a category
Set default enforcement action
Export category settings

Category Defaults

Default enforcement action (Block, Detect, or Redact)
Default severity level
Default scope

Policy Overview - How policies work
Configuring Policies - Customize settings
Exceptions - Handle edge cases

Data Loss Prevention​

PII Detection​

Prompt Injection​

Jailbreak Detection​

Toxicity & Content​

Compliance​

SQL Injection​

XSS Prevention​

URL Filtering​

Code Detection​

Content Moderation​

Formatting​

Copyright & Licensing​

Budget Governance​

Behavioral Analytics​

Custom​

Creating Custom Policies​

Custom Policy Templates​

Category Settings​

Bulk Actions​

Category Defaults​

Related Topics​