Skip to content
§00 / Evidence packs

Evidence collects itself.

Every run yields a ready set of controls: mapped and automated, the evidence bundle assembles itself. Not a compliance declaration, but a machine-assembled evidence pack you bring to the auditor.

152-FZ Russia
controls automated
evidence assembles automatically

A ready evidence pack for a 152-FZ audit.

Passport, INN and SNILS detectors out of the box: personal data is visible in traffic before it reaches the model.

GDPR European Union
controls automated
evidence assembles automatically

Data-subject rights are fulfilled by the machine, not by email threads.

Art. 17 "right to be forgotten": an automated /forget cascade across every store.

SOC 2 International
controls-as-code
evidence assembles automatically

Controls-as-code and an evidence auto-collector for the audit.

This is audit-readiness, not certification: the product has no SOC 2 audit. The pack speeds up passing an external auditor.

audit-ready
§01 / Crosswalk

OWASP LLM Top 10 → DLP layers.

Every risk LLM01–LLM10 is mapped to a concrete product control. Tactics from MITRE ATLAS are covered by detections and playbooks in the AI scanner. This is a mapping of risks to controls, not a claim of full coverage.

  • LLM01 Prompt Injection → L0 · L3 · RAG firewall
  • LLM02 Sensitive Info Disclosure → L1 · L2 · L4
  • LLM03 Supply Chain → AI scanner
  • LLM04 Data & Model Poisoning → RAG firewall
  • LLM05 Improper Output Handling → L6 · L7
  • LLM06 Excessive Agency → Agents · HITL · Kill-switch
  • LLM07 System Prompt Leakage → AI scanner · L4
  • LLM08 Vector & Embedding Weakness → RAG firewall · L2
  • LLM09 Misinformation → L5 · L6
  • LLM10 Unbounded Consumption → Kill-switch
§02 / Audit

A log chained with HMAC.

Every request, DLP verdict and kill-switch toggle lands in a tamper-evident log that verifies offline and streams into your SIEM.

log chain · verify ✓

Hover a link to highlight the chain verification.

offline-verifiable · SIEM CEF export · org_id isolation

HMAC chain

A record cannot be silently altered or deleted.

Every log record is chained by HMAC to the previous one. Any edit breaks the chain, and the verify endpoint shows the break.

Offline-verifiable

Integrity is verified without contacting the vendor.

Chain verification is self-contained and runs in air-gap: the auditor verifies the log on their own side.

SIEM · CEF

Events flow into your SIEM in a standard format.

DLP and kill-switch events export to CEF. E2E-tested with Splunk.

org_id isolation

Tenants never see each other's data.

Multi-tenancy at the org_id level: cross-org access to users and logs returns 404.

§03 / Methodology

The product stands on an open methodology.

HA.Prizma is part of the MLSec methodology toolset. The methodology itself is open, and your process maturity can be measured with a quick questionnaire.

Methodology

MLSec Recommendations

An open Russian-language handbook on AI/ML security: 31 chapters in seven groups, from threat modeling and red-teaming to MITRE ATLAS in Russian and FinOps for AI. The methodology the product stands on; maintained by a separate team.

Open the methodology
Maturity assessment

A 12-minute MLSec quick assessment

Sixty questions across ten domains, a 1–5 scale. The output: a maturity chart, a gap analysis against industry benchmarks and a prioritized roadmap for the quarter.

Request the questionnaire
§04 / Industry scenarios

One platform, four perimeters.

The industry pain and how HA.Prizma answers it.

Finance

fin

pain
Analysts and developers carry card numbers, account details and customer data into LLMs; the regulator demands provable control.

HA.Prizma
DLP catches Financial entities (Luhn validator) before they leave, budgets curb overspend, and the HMAC log with the SOC 2 evidence pack give material for the audit.

Public sector

gov

pain
A closed perimeter, no cloud egress, personal data under 152-FZ.

HA.Prizma
Deploys in air-gap with an offline license and no call-home; passport/INN/SNILS detectors and a 152-FZ evidence pack with automated controls out of the box.

Healthcare

health

pain
Medical data (PHI) ends up in the prompts of clinical and research tools.

HA.Prizma
A PHI layer and masking inbound and outbound, a /forget cascade for the right to be forgotten, a full audit of access to patient data.

Telecom

telco

pain
Thousands of developers and dozens of AI tools, zero visibility into shadow usage.

HA.Prizma
Network enforcement (PAC/DNS/firewall) routes all traffic to the gateway, shadow-AI detection and a topology graph show who works through which model.

Ready?

All your AI traffic under your control

A self-hosted LLM Firewall inside your perimeter. One base_url line, and no prompt leaves directly.

sales@hackadvisor.io NDA on request · reply within one business day