AI Detection & Response Release Notes¶
Overview¶
We are excited to announce the latest release of HiddenLayer’s AI Detection & Response (AIDR), a testament to our commitment to providing the industry's most advanced AI security solutions. This latest update introduces new features and enhancements that offer an even more robust, intuitive, and effective AI security experience.
AIDR for GenAI version 25.6.0¶
Release Notes for AIDR (LLM Proxy) v25.6.0 released on June 26, 2025.
What’s New¶
Prompt Injection Model version 5¶
The AIDR model version 5:
- Provides protection against TokenBreak attacks. TokenBreak attacks can bypass safety features and guardrails for large language models (LLMs).
- Significantly lowers false positives across the board.
- Improves the true positive rate for non-English languages.
Projects and Custom Rulesets¶
- Customers can now create projects to represent unique AI applications or use cases.
- Projects can use a custom ruleset to configure AIDR detectors, rather than using one universal ruleset for all use cases.
Enriched Sandbox¶
- The Sandbox in the Console now provides historical chat context and more sample prompts.
AIDR version 25.5.2¶
Release Notes for AIDR (LLM Proxy) v25.5.2 released on May 29, 2025.
What’s New¶
Remote Ruleset Configuration¶
- Remotely manage detection configuration from the console, rather than requiring configuration via environment variables or headers.
- Detection configuration for Prompt Injection, DDOS, PII, and Guardrails is supported.
- Headers sent in the request can override remote rules if the local configuration is set to allow header overrides.
- Once a default ruleset is established, it will override any conflicting local configurations.
- Rulesets are polled for changes once a minute, so changes should propagate to your deployment in less than five minutes.
Prompt Injection Model v4.5¶
- Releasing the V4.5 Prompt Injection model, with significantly higher performance on English and other supported languages (German, Spanish, Korean, Japanese, French, and Italian).
Previous Releases¶
AIDR version 25.3.1¶
Release Notes for AIDR (LLM Proxy) v25.3.1 released on April 3, 2025.
What’s New¶
Mistral - Amazon Bedrock¶
- Mistral models are now supported in Amazon Bedrock.
What’s Improved¶
Quick Scan Updates¶
- Quick Scan now scans the full input, where previously it scanned just the first 512 tokens. It doesn't do a second scan with non-alphanumeric characters stripped. As a consequence, long prompts will have higher latency with Quick Scan.
- Full Scan does the same but also does a second scan with non-alphanumeric characters stripped.
AIDR version 25.3.0¶
Release Notes for AIDR (LLM Proxy) v25.3.0 released on March 13, 2025.
What’s New¶
OWASP 2025 Update¶
- For the LLM Sandbox in the Console, 2025 has been added to the OWASP Scenario. Example: LLM01: 2025 Prompt Injection.
- For AI Detection & Response, the prompt analyzer returns owasp_2025 in the response body.
What's Improved¶
Language improvement PI model version 4¶
A new version of the prompt injection detection classifier with an emphasis on language translation support.
AIDR version 25.2.0¶
Release Notes for AIDR (LLM Proxy) v25.2.0 released on February 19, 2025.
What’s New¶
GPU Utilization¶
AI Detection & Response can utilize a GPU to improve throughput and performance.
Refusals Detection¶
Refusals can now be detected based on the language in outputs. Turning on this feature (configurable) allows customers to detect refusals caused by custom system prompts, rather than the generic set of safety guardrails established by upstream LLM providers.
Error Passthrough¶
For reverse proxy requests (i.e., passthrough requests), the Proxy will now propagate upstream errors back to the requester instead of responding with an HTTP 502 or HTTP 500. SageMaker and Bedrock will continue to always respond with HTTP 502 for upstream errors.
AIDR version 25.1.0¶
Release Notes for AIDR (LLM Proxy) v25.1.0 released on January 21, 2025.
What’s Improved¶
Support for Multiple AWS Bedrock Accounts¶
A single AIDR instance can now route traffic to multiple AWS Bedrock instances with different credentials.
AIDR version 24.12.0¶
Release Notes for AIDR (LLM Proxy) v24.12.0 released on December 17, 2024.
What’s Improved¶
Increased Prompt Efficacy¶
Increased efficacy on Japanese and Korean prompts.
AI Detection & Response v24.10.3¶
Release Notes for the AIDR (LLM Proxy) v24.10.3 released on November 26, 2024.
What’s New¶
Prompt Injection Detection¶
A new prompt injection detection for AIDR, Control tokens, identifies when a prompt contains specific control tokens known to confuse LLMs and allow a malicious user to subvert their instructions.
Guardrail Detection for Gemini¶
AIDR now supports Guardrail Detection for Gemini, as well as OpenAI and models hosted on Azure. Guardrail detection works by deterministically passing through the field set by the LLM provider, allowing a guardrail event to be added into security workflows. Anthropic does not offer a guardrail field today, so AIDR does not support guardrail detection for Anthropic models.
AWS Instance Profiles Authentication¶
AIDR supports AWS instance profiles for authentication to SageMaker/Bedrock.
AI Detection & Response v24.10.0¶
Release Notes for the AIDR (LLM Proxy) v24.10.0 released on October 15, 2024.
What’s New¶
New Model Version¶
Released a new version of the model with higher accuracy.
AI Detection & Response v24.9.1¶
Release Notes for the AIDR (LLM Proxy) v24.9.1 released on September 23, 2024.
What’s Improved¶
AIDR Logging¶
The AIDR SIEM logs now provide a persistent event_id.
AI Detection & Response v24.9.0¶
Release Notes for the AIDR (LLM Proxy) v24.9.0 released on September 17, 2024.
What’s Improved¶
AIDR API¶
The Prompt Analyzer now offers full AIDR functionality, allowing customers running AIDR to check the input and output safety flexibly throughout their application.
Improved Efficacy for Code Detections¶
Enhancements to AIDR code detections to improve security and performance.
Reduction in Compute Usage¶
This release of AIDR reduces compute usage.
AI Detection & Response v24.8.1¶
Release Notes for the AIDR (LLM Proxy) v24.8.1 released on September 3, 2024.
What’s Improved¶
Added a non-root user to the runtime-image¶
This allows users who require that their pods cannot run as root to install AIDR.
What’s Resolved¶
This release also includes performance improvements and bug fixes.
AI Detection & Response v24.8.0¶
Release Notes for the AIDR (LLM Proxy) v24.8.0 released on August 20, 2024.
What’s New¶
Route Passthrough¶
AIDR now supports unmapped route passthrough, sending your request to the generative AI provider, regardless of whether the endpoint is directly supported. This new, optional global policy setting in the LLM Proxy provides a seamless user experience.
AI Detection & Response v24.7.0¶
Release Notes for the AIDR (LLM Proxy) v24.7.0 released on July 23, 2024.
What’s Resolved¶
This release also includes performance improvements and bug fixes.
AI Detection & Response v24.6.0¶
Release Notes for the AIDR (LLM Proxy) v24.6.0 released on June 20, 2024.
What’s New¶
New LLM Proxy Configurations¶
This release includes three new global policy settings to improve the user experience.
- Include Block Message Reasons - When enabled, includes the block message reasons in the response.
- Proxy Enabled Passthrough Streaming - When enabled, the proxy will immediately start streaming the response back to the requester. Currently available for OpenAI and Azure OpenAI.
- Max Request Size - The maximum size for a request or a response, in bytes.
What’s Updated¶
Improved Detections¶
Modified and improved code detections in the analyzer.
MITRE Tags for Detections¶
When a modality restriction detection occurs, the LLM Proxy includes the MITRE ATLAS ID.
What’s Resolved¶
The following items have been resolved for this release.
- Proper handling of PII redaction when a context window is set to LAST.
- Added support for OpenAI chat completion functions.
- Resolved an issue with reverse-proxy routes for SageMaker and Bedrock. Updated the LLM Proxy Deployment Guide with examples for SageMaker and Bedrock.