SaaS
Policies in Dashboard
Create and manage allow, deny, and transform rules for your agents directly in the ShieldAgent dashboard — no YAML files, no deployments.
Policy types
Allow
Explicitly permit a tool call. Use to create an allowlist for sensitive tools.
Deny
Block a tool call and return an error to the agent. Logs the denial in the audit trail.
Transform
Modify the call arguments before forwarding (e.g. redact PII, strip credentials from output).
Creating a policy
- 1.Go to Policies → New Policy.
- 2.Select the tenant and optionally scope to a specific agent .
- 3.Choose the action: Allow, Deny, or Transform.
- 4.Define the match conditions(tool name, argument pattern, risk score range).
- 5.Set priority. Lower numbers run first. Conflicting rules: lowest priority wins.
- 6.Click Save & Activate. Policy is live immediately.
Example: block execute_command
ActionDENY
Toolexecute_command
ScopeAll agents
Priority1
ReasonPrevent arbitrary command execution
Policy templates
Start from a pre-built template under Policies → Templates:
- ▸Read-only filesystem — deny all write/delete tool calls
- ▸PII redaction — transform outputs to strip email, phone, SSN patterns
- ▸EU AI Act baseline — deny high-risk tools, log everything to audit trail
- ▸Risk-scored block — auto-deny calls scoring above a configurable threshold
Compliance Reports →
Generate EU AI Act, ISO 42001, NIST AI RMF evidence from your audit trail