Secure Homegrown AI Agents with CrowdStrike Falcon AIDR and NVIDIA NeMo Guardrails

March 19, 2026
Bruce McCorkendale and Rob Truesdell

The biggest challenge for developers building AI applications is no longer the translation of user intent into action, but rather limiting its scope to stay within stated business goals and prevent abuse.


This challenge has moved from theoretical to mission-critical as AI agents transition from experimental projects to mainstream business tools, where a single compromised agent can expose customer data, execute unauthorized transactions, or violate compliance requirements across thousands of interactions. To defend agents against runtime attacks and reduce the agentic blast radius in the event of compromise, organizations need to define guardrails and a framework that applies those constraints on the do-anything-now capabilities of LLMs.

We're excited to announce that CrowdStrike Falcon® AI Detection and Response (AIDR) now supports NVIDIA NeMo Guardrails as of release v0.20.0, delivering enterprise-grade protection that helps organizations confidently move agentic AI applications from development to production.

CrowdStrike Falcon AIDR with NVIDIA NeMo Guardrails

NVIDIA NeMo Guardrails is an open-source library for adding programmable guardrails to LLMs and agentic applications.

It includes a suite of NVIDIA Nemotron Safety models for content safety, personally identifiable information (PII) detection, jailbreak detection, and topic control, with advanced reasoning capabilities and multilingual and multimodal support. Together, Falcon AIDR and NVIDIA NeMo Guardrails let developers manage what data agents can access, control how agents respond, and see which tools and data sources agents can reach, helping ensure compliance with custom policies and safety controls.

Ultimately, this helps organizations move AI agents from experimentation to production with confidence, visibility, and control. Falcon AIDR blocks prompt injection attacks that could manipulate agent behavior and trigger unauthorized actions, redacts sensitive data to prevent exposure across thousands of automated interactions, defangs malicious content like adversarial domains before agents can execute compromised workflows, and moderates unwanted topics to ensure agents stay within compliance boundaries.

With over 75 built-in classification rules and support for custom data classification, Falcon AIDR provides the comprehensive guardrails that production agentic systems demand, protecting AI agents as they autonomously trigger actions and follow complex business processes.

Use Cases

Falcon AIDR with NVIDIA NeMo Guardrails excels in scenarios where homegrown AI agents operate autonomously across sensitive business processes.

Below are a few examples of how this could improve security across industries:

- Financial services, where agents handling customer inquiries can automatically redact account numbers and SSNs while blocking prompt injection attempts that could manipulate transaction logic.
- Healthcare organizations, which deploy clinical documentation assistants that protect protected health information (PHI) across patient interactions while preventing jailbreak attacks that could compromise medical advice accuracy.
- Customer service organizations, which deploy autonomous support agents that handle complex, multi-turn troubleshooting workflows. Falcon AIDR helps ensure these agents don't expose customer PII in chat logs, prevents prompt injection that could manipulate refund policies, and blocks competitor mentions while maintaining natural conversation flow across dozens of interaction turns.
- Software development teams, which protect AI coding assistants by detecting hardcoded secrets, blocking code injection attempts, and redacting internal repository references before code is committed.

In each scenario, Falcon AIDR's flexible policy framework for NVIDIA NeMo Guardrails enables organizations to balance security with functionality: they start in monitoring mode to understand their threat landscape, then progressively enforce blocks and redactions as agents move from development to production, all while maintaining sub-100ms response times that keep agentic workflows responsive and user experiences seamless.

Configuring Falcon AIDR Policies

Falcon AIDR enables teams to create named detection policies tailored to their specific security requirements. A policy is a set of enabled detectors, each configured to detect, block, redact, encrypt, or transform content. Policies serve as AI guardrails applied at critical points in AI agent and application workflows, such as chat input sanitization, chat output filtering, RAG data ingestion, and agent tool invocation.

Falcon AIDR includes default policies (e.g., for chat input and chat output) that correspond to these common scenarios, and teams can create custom policies that combine detectors with specific action modes for their unique use cases. The Falcon AIDR API takes the policy name and an OpenAI-compatible messages array containing role-based content (user, system, assistant, tool, function, etc.). The API applies the policy to the appropriate elements of the messages array and returns a recommendation to block or allow, along with possibly transformed elements, such as redacted PII, defanged URLs, or encrypted sensitive data, that the calling application should use in place of the original content (if not blocking the message outright).
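The calling-application side of this response model, as an added illustration that is not code from the page or from CrowdStrike: a local stub stands in for the Falcon AIDR API call (the verdict shape action/findings/messages and the policy name chat_input are assumptions, not the product's schema), and a wrapper applies the verdict either in monitoring mode, which only reports, or in enforce mode, which blocks or substitutes the transformed elements for the originals.

```python
import copy
import re
from typing import Any

# Constructed stand-in for the Falcon AIDR policy call. The real service is a
# remote API; this stub only mimics a verdict of the assumed shape
# {"action": "allow"|"block", "findings": [...], "messages": [...]} so the
# calling-application logic below can run offline. Not the product's schema.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
URL_RE = re.compile(r"https?://\S+")
INJECTION_MARKERS = ("ignore previous instructions", "ignore all prior instructions")

# Constructed sample conversation (not real customer data).
SAMPLE_MESSAGES = [
    {"role": "system", "content": "You are a helpful assistant."},
    {"role": "user", "content": "My SSN is 123-45-6789, see http://evil.example/login"},
]


def defang(url: str) -> str:
    """Render a URL non-clickable: http -> hxxp, dots -> [.]"""
    return url.replace("http", "hxxp", 1).replace(".", "[.]")


def stub_aidr_call(policy: str, messages: list[dict[str, Any]]) -> dict[str, Any]:
    """Inspect only user/assistant text, mirroring the page's note that a policy
    is applied to the appropriate elements of the messages array."""
    findings: list[str] = []
    transformed = copy.deepcopy(messages)  # never mutate the caller's array
    for msg in transformed:
        if msg.get("role") not in ("user", "assistant") or not isinstance(msg.get("content"), str):
            continue
        text = msg["content"]
        if policy == "chat_input" and any(m in text.lower() for m in INJECTION_MARKERS):
            findings.append("malicious_prompt")
            return {"action": "block", "findings": findings, "messages": messages}
        if SSN_RE.search(text):
            findings.append("pii:ssn")
            text = SSN_RE.sub("<SSN>", text)  # redact
        if URL_RE.search(text):
            findings.append("malicious_entity:url")
            text = URL_RE.sub(lambda m: defang(m.group(0)), text)  # defang
        msg["content"] = text
    return {"action": "allow", "findings": findings, "messages": transformed}


def apply_guardrail(policy: str, messages: list[dict[str, Any]], mode: str) -> dict[str, Any]:
    """mode="monitor": report findings but pass the original content through
    (report-only, for development). mode="enforce": honour a block verdict and
    otherwise use the transformed elements in place of the originals."""
    verdict = stub_aidr_call(policy, messages)
    if mode == "monitor":
        return {"blocked": False, "messages": messages, "findings": verdict["findings"]}
    if verdict["action"] == "block":
        return {"blocked": True, "messages": [], "findings": verdict["findings"]}
    return {"blocked": False, "messages": verdict["messages"], "findings": verdict["findings"]}
```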

This flexible response model enables you to start in monitoring mode (report-only) during development, then progressively enforce stricter controls (block, redact, encrypt) as you move to production, ensuring security doesn't slow your development velocity.

Falcon AIDR Detectors

Falcon AIDR supports the following detectors:

| Detector | Description |
|---|---|
| Malicious Prompt | Reports or blocks attempts to manipulate an AI app into violating the constraints of its app-level or model-level intent (prompt injection) |
| Topic | Reports or blocks content related to restricted or disallowed topics |
| Language | Reports, blocks, or explicitly allows a spoken language to enforce language-based security policies |
| Code | Reports or blocks attempts to insert executable code into AI interactions |
| Malicious Entity | Reports, defangs, or blocks harmful references such as malicious IPs, URLs, and domains |
| Confidential and PII | Reports, redacts, encrypts, or blocks PII and other confidential data, such as email addresses, credit card and bank numbers, government-issued IDs, etc. |
| Secret and Key Entity | Reports, redacts, encrypts, or blocks sensitive credentials like API keys, encryption keys, etc. |
| Competitors | Reports or blocks mentions of competing brands or entities |
| Custom Entity | Allows users to define and detect specific text patterns or sensitive terms that AI Guard will report, redact, encrypt, or block |

Using Falcon AIDR with NeMo Guardrails

NVIDIA NeMo Guardrails allows you to define the flow of an AI application along with "rails" using Colang, an event-driven interaction modeling language that is interpreted by a Python runtime.

The NVIDIA NeMo Guardrails GitHub repo has setup instructions for Falcon AIDR support here. NVIDIA NeMo Guardrails Colang examples that apply AIDR as rails can be found in the examples/configs folder:

NeMo-Guardrails
└── examples
    └── configs
        ├── crowdstrike_aidr
        │   ├── config.yml
        │   └── README.md
        └── crowdstrike_aidr_v2
            ├── main.co
            ├── rails.co

Below are the three files from the folder with a minimal Colang 2 NVIDIA NeMo Guardrails example application using Falcon AIDR for input and output rails.

config.yml

```yaml
colang_version: "2.x"

models:
  - type: main
    engine: openai
    model: gpt-4o-mini

instructions:
  - type: general
    content: |
      You are a helpful assistant.

rails:
  config:
    crowdstrike_aidr:
      timeout: 15.0 # Optional request timeout in seconds. Defaults to 30 seconds.
```

tells NVIDIA NeMo Guardrails to:

- Use gpt-4o-mini as the LLM for the chat agent.
- Use "You are a helpful assistant." as the system prompt.
- Optionally configure the request timeout used by the Falcon AIDR guardrail.

main.co

```colang
import core
import llm

flow main
  activate llm continuation
```

defines the main flow of the chat agent, activating the "llm continuation" flow pattern to drive the dialog of the chat app.

rails.co

```colang
import guardrails
import nemoguardrails.library.crowdstrike_aidr

flow input rails $input_text
  crowdstrike aidr guard input

flow output rails $output_text
  crowdstrike aidr guard output
```

defines the input and output rails so that they apply Falcon AIDR.

Get Started with Falcon AIDR

Falcon AIDR, now supported with NVIDIA NeMo Guardrails, enables developers to secure AI agents and workloads by blocking prompt injections, sanitizing inputs/outputs, and redacting sensitive data with 75+ built-in rules and custom classifiers, while also moderating unwanted or inappropriate responses. This integration delivers a comprehensive framework for building safe, enterprise-ready AI applications with strong threat mitigation across multiple vectors.

Check out the details on GitHub. To discuss the commercial use of Falcon AIDR or schedule a demo, please contact us.

