Introducing Senthex v1.0
Today we're launching Senthex — an AI firewall that sits between your app and your LLM provider. One line of code. 26 shields. EU AI Act ready.
The problem
Every company integrating LLMs into production is exposed to the same set of risks. Prompt injection. PII leaks through model outputs. Data exfiltration via carefully crafted inputs. Model hijacking that turns your assistant into something you didn't build.
These aren't theoretical risks. They're happening at scale, right now, across thousands of production systems. The SQL injection of this decade — except most teams haven't even run a pentest on their LLM layer.
The solutions that existed before Senthex fell into two camps. The enterprise tools — complex, expensive, US-hosted, requiring weeks of integration work. And the open-source libraries — powerful, but requiring you to build the whole security infrastructure around them. Neither option works for a startup shipping features on a Tuesday.
Our approach
Senthex is a transparent reverse proxy. You change one line of code — your base_url — and every LLM call you make goes through our shield layer. Your API key, your SDK, your existing code: unchanged.
The latency overhead is 12ms at p99. We measured this in production. It is non-negotiable to us.
We process requests in real time. We never buffer entire responses. The shield analysis happens in the streaming pipeline as chunks arrive, not after the fact.
And we never store your request or response content. Zero data retention by default. We log metadata — timestamps, shield scores, threat classifications. That's it.
What's in v1.0
26 shields active across every plan. That number isn't arbitrary — it covers the full OWASP Top 10 for LLM Applications, plus behavioral analysis and EU AI Act compliance tools.
The shields that matter most in production right now:
- Prompt injection detection — pattern matching + semantic analysis, without making an LLM call per request (too slow, too recursive)
- PII detection and redaction — Presidio-based, fast, configurable per project
- Secret leak detection — catches API keys, tokens, credentials in both directions
- Behavioral fingerprinting — detects when a user's request pattern deviates from their baseline
- Unicode steganography detection — catches invisible characters used to embed hidden instructions
- Canary token injection — embed traceable values to detect data exfiltration
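The Unicode steganography item above, sketched as an added example (not Senthex's code): it flags invisible format characters in a prompt and decodes Unicode tag characters back to the ASCII text they hide. The function names, the character sets chosen and the blocking threshold are assumptions.

```python
import unicodedata

# Code points that render as nothing but survive copy/paste into a prompt.
ZERO_WIDTH = {0x200B, 0x200C, 0x200D, 0x2060, 0xFEFF}
BIDI_CONTROLS = set(range(0x202A, 0x202F)) | set(range(0x2066, 0x206A))
TAG_BLOCK = range(0xE0000, 0xE0080)  # Unicode "tag" characters mirror ASCII


def classify(cp):
    """Return a category name for a suspicious code point, or None."""
    if cp in TAG_BLOCK:
        return "tag"
    if cp in ZERO_WIDTH:
        return "zero_width"
    if cp in BIDI_CONTROLS:
        return "bidi_control"
    if unicodedata.category(chr(cp)) == "Cf":
        return "other_format"  # any remaining invisible format character
    return None


def scan_prompt(text):
    """Find invisible characters, decode tag-encoded text, and sanitize."""
    findings, hidden, clean = [], [], []
    for offset, ch in enumerate(text):
        kind = classify(ord(ch))
        if kind is None:
            clean.append(ch)
            continue
        findings.append((offset, f"U+{ord(ch):04X}", kind))
        if kind == "tag" and 0xE0020 <= ord(ch) <= 0xE007E:
            hidden.append(chr(ord(ch) - 0xE0000))  # recover the ASCII payload
    return {
        "findings": findings,
        "hidden_text": "".join(hidden),
        "sanitized": "".join(clean),
        # Assumed policy: block on any decoded payload or more than 3 hits.
        "blocked": bool(hidden) or len(findings) > 3,
    }


# Constructed sample: a visible request followed by tag-encoded hidden text.
_payload = "".join(chr(0xE0000 + ord(c)) for c in "hidden instruction")
SAMPLE = "Summarise this\u200b invoice." + _payload

if __name__ == "__main__":
    report = scan_prompt(SAMPLE)
    print(report["blocked"], repr(report["hidden_text"]), report["sanitized"])
```

Stripping every format character also removes U+200D inside emoji sequences and U+200C in scripts such as Persian, so a production filter would allowlist those per context rather than delete them outright.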
Every request is logged, scored, and classified. The dashboard gives you a real-time event feed, threat timeline, anomaly detection, and per-project analytics.
What's next
The EU AI Act compliance deadline is August 2026. We're shipping the full audit trail export and data classification reports before then. Every Senthex customer gets this automatically.
On-premises deployment is the most-requested enterprise feature. We're scoping it now.
And we're staying independent. Lakera, Protect AI, Prompt Security — all acquired by US companies in 2025. The European market needs an independent alternative. That's us.
The free plan is live. 10,000 requests per month. No credit card. Start here.
By Yohann Sidot