Blog
April 15, 2026·6 min read·Yohann Sidot

Introducing Senthex v1.0

Today we're launching Senthex — an AI firewall that sits between your app and your LLM provider. One line of code. 26 shields. EU AI Act ready.

The problem

Every company integrating LLMs into production is exposed to the same set of risks. Prompt injection. PII leaks through model outputs. Data exfiltration via carefully crafted inputs. Model hijacking that turns your assistant into something you didn't build.

These aren't theoretical risks. They're happening at scale, right now, across thousands of production systems. The SQL injection of this decade — except most teams haven't even run a pentest on their LLM layer.

The solutions that existed before Senthex fell into two camps. The enterprise tools — complex, expensive, US-hosted, requiring weeks of integration work. And the open-source libraries — powerful, but requiring you to build the whole security infrastructure around them. Neither option works for a startup shipping features on a Tuesday.

Our approach

Senthex is a transparent reverse proxy. You change one line of code — your base_url — and every LLM call you make goes through our shield layer. Your API key, your SDK, your existing code: unchanged.

We hold proxy overhead to a tight budget — under 50 ms. At low load we measure about 44 ms p95; it rises under heavy concurrency. We publish the real number rather than a rounded-down headline, and keep working it down.

We process requests in real-time. We never buffer entire responses. The shield analysis happens in the streaming pipeline as chunks arrive, not after the fact.

We don't store full request or response bodies. By default we keep metadata — timestamps, shield scores, threat classifications — plus a short, PII-redacted preview of the system prompt for the audit trail. Set storage_mode='none' to keep nothing at all.

What's in v1.0

26 shields active across every plan. That number isn't arbitrary — it covers the full OWASP Top 10 for LLM Applications, plus behavioral analysis and EU AI Act compliance tools.

The shields that matter most in production right now:

  • Prompt injection detection — pattern/heuristic matching, no LLM call per request (too slow, too recursive); best-effort, never exhaustive
  • PII detection — Presidio-based, fast, configurable per project; redaction before the model is the redact mode (the default mode logs only)
  • Secret leak detection — catches API keys, tokens, credentials in both directions
  • Behavioral fingerprinting — detects when a user's request pattern deviates from their baseline
  • Unicode steganography detection — catches invisible characters used to embed hidden instructions
  • Canary token injection — embed traceable values to detect data exfiltration

Every request is logged, scored, and classified. The dashboard gives you a real-time event feed, threat timeline, anomaly detection, and per-project analytics.

What's next

The EU AI Act's high-risk obligations were provisionally postponed to December 2027 — but regulated buyers ask for the evidence well before the law compels it. We ship audit-trail export and data-classification reports so you can answer them. Every Senthex customer gets this.

On-premises deployment is the most-requested enterprise feature. We're scoping it now.

And we're staying independent. Lakera, Protect AI, Prompt Security — all acquired by US companies in 2025. The European market needs an independent alternative. That's us.

The free plan is live. No credit card. Start here.