
Policy Configuration

On the Policies page, you can define how AI traffic submitted to AIDR is inspected and controlled.

Each policy type corresponds to a collector category, such as Browser, Application, Gateway, Agentic, or Logging. You can assign a policy to any collector of the matching category registered in your account. The rules defined within a policy report, block, or transform data at different stages of the AI workflow.

Policies determine which detections apply to data flowing through the collector and whether to enforce actions.

You can reuse policies across multiple collectors of the same type. When you update a policy, changes apply to all collectors using that policy.

You can omit policy assignment entirely and use collectors for logging only.

Pre-configured policies

The Policies page displays default policies designed for common use cases. These policies serve as examples and starting points for your configurations.

Edit policies or create additional ones to match your security requirements.

Create policy

  1. On the Policies page, click + Policy.

  2. In the Create a Policy dialog:

    1. Select a policy type corresponding to a collector category.
    2. Enter a Display name to appear in collector policy selectors.
    3. Review the Policy Key, a unique identifier generated automatically from the display name. AIDR reports the policy key in the API response.
  3. Click Save.

This creates a policy and opens its details page.

To return to the policy details page later, click the policy name in the Policies list.

Configure policy rules

Event types

On the policy details page, configure rules for different event types in the AI application data flow. In a request to AIDR APIs, pass the event_type parameter with a value supported by your collector.

Common event types

The input and output event types correspond to incoming (prompt) data and AI system responses. All collectors support these event types, except the MCP (Model Context Protocol) collector.

If a collector doesn't specify an event type in its request, AIDR applies input by default.

You can configure policy rules for each event type:

  • Input Rules - Inspect and control data sent to AI systems (prompts, tool responses, and similar content). Input rules detect malicious prompts, sensitive data, and other risks before data reaches an AI provider.
  • Output Rules - Inspect and control responses from AI systems (model completions, generated content, and similar output). Output rules detect harmful content, leaked sensitive data, and other risks in AI-generated responses.

MCP events

The MCP collector applies separate policies to different parts of MCP (Model Context Protocol) client-server communications:

  • Tool Input Rules - Detect risks in data sent to MCP server tools.
  • Tool Output Rules - Detect risks in MCP server responses.
  • Tool Listing Rules - Detect risks in tool descriptions received from the MCP server.

Custom event types

The Application collector lets you specify additional event types. On the collector details page, click + Event Type to create rules for a custom event type.

Rules

Rules for each event type target request metadata and content exchanged with the AI system:

  • Access rules - Evaluate request attributes at runtime to determine whether a request is allowed, denied, or reported.
  • Prompt rules - Apply detectors to content exchanged with an AI system. Detectors report, block, or transform the data.
tip:

Access rules can reference detection results or execute prompt rules.

When a policy executes:

  1. AIDR evaluates configured access rules sequentially. Each rule produces its own result:

    • Continue actions proceed to the next rule.
    • Stop actions, such as Report and Stop, Block and Stop, Ignore and Stop, halt rule execution. Prompt rules are not evaluated.
  2. If no access rules stop execution, AIDR applies enabled prompt rules:

    • Runs configured detectors on the content.
    • Applies actions defined in the detectors (Block, Report, and detector-specific actions).

Report Only Mode

Enabling Report Only Mode evaluates policy rules and logs results without enforcing actions on end users. In Report Only Mode, AIDR doesn't return policy evaluation results to the collector.

Report Only Mode lets you test policies and collect data for analysis without affecting user experience.

Example API 200 response in Report Only Mode
{
...
"status": "Success",
"summary": "The payload has been accepted and will be processed asynchronously",
"result": {}
}

How Report Only Mode works with existing rules

When you enable Report Only Mode, action labels and color indicators change to reflect reporting-only behavior:

  • Block becomes Alert and the color indicator changes from red to orange. The event is logged, but the request proceeds. Users aren't notified or interrupted.
  • Transform (Replacement, Mask, etc.) - The color indicator changes from purple to blue. Transformations apply only to logged content for analysis. Users see the original, unmodified data.

AIDR sets the Status field in logs to Reported in either case.

Interpreting findings

In Report Only Mode, logged content shows what the policy would have done if enforced, not what users experienced. Examine the Reported status to distinguish evaluated findings from enforced ones.
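
The evaluation order and the Report Only Mode behavior described above, as a small offline model. This is an added example, not AIDR code or its API: the policy structure, rule names, regular expressions, the `****` mask token, and the `Blocked`/`Allowed` status labels are assumptions made for illustration.

```python
import re

# Stop actions named on the page; any other access-rule action continues.
STOP_ACTIONS = {"Report and Stop", "Block and Stop", "Ignore and Stop"}

# Constructed sample policy: (name, predicate, action) and (name, regex, action).
POLICY = {
    "access_rules": [
        ("approved-apps-only", lambda r: r["app"] != "helpdesk-bot", "Block and Stop"),
    ],
    "prompt_rules": [
        ("email-address", r"[\w.+-]+@[\w-]+\.[\w.]+", "Mask"),
        ("api-key", r"sk-[A-Za-z0-9]{8,}", "Block"),
    ],
}

def evaluate(policy, request, report_only=False):
    """Return (content the user receives, log record); None means blocked."""
    original = logged = request["content"]
    log = {"access": [], "findings": []}
    would_block = stopped = False
    # 1. Access rules run in order; a Stop action halts all further rules.
    for name, matches, action in policy["access_rules"]:
        if matches(request):
            log["access"].append((name, action))
            if action in STOP_ACTIONS:
                would_block = action == "Block and Stop"
                stopped = True
                break
    # 2. Prompt rules (detectors) run only when no access rule stopped.
    for name, pattern, action in ([] if stopped else policy["prompt_rules"]):
        if re.search(pattern, logged):
            if action == "Mask":
                logged = re.sub(pattern, "****", logged)  # assumed mask token
            would_block = would_block or action == "Block"
            # Report Only Mode relabels Block as Alert.
            label = "Alert" if report_only and action == "Block" else action
            log["findings"].append((name, label))
    log["content"] = logged
    hit = bool(log["access"] or log["findings"])
    if report_only:
        # Nothing is enforced: log what would have happened, deliver original.
        log["status"] = "Reported" if hit else "Allowed"
        return original, log
    # "Blocked"/"Allowed" are labels of this model, not AIDR log values.
    log["status"] = "Blocked" if would_block else "Allowed"
    return (None if would_block else logged), log
```

Running the same request with and without `report_only=True` shows the gap between the logged content and what the user received, which is the distinction to keep in mind when reading Reported findings.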

Use cases:

  • Test new policies in production without user impact.
  • Tune detection rules before enforcement.
  • Collect baseline data for policy development.
note:

Browser collector Output Rules always run in Report Only Mode. Transformation and blocking actions aren't available for browser output rules.

View policy configuration activity

On the policy details page, you can view policy configuration changes in the Configuration Activity tab on the right side.

Manage policy options

Click the menu icon in the policy list or on the policy details page to access the following options:

  • Clone - Create a copy of the policy.
  • Rename - Edit the policy name (available for custom policies and modified default policies).
  • Delete - Remove or reset policies:
    • For a policy you created - Delete the policy.
    • For a default policy - Reset the policy to its default configuration.

©2026 CrowdStrike. All rights reserved.
