Lasso Security
Secure AI Adoption at Enterprise Scale
Last verified April 27, 2026
Quick facts: Lasso Security is an AI compliance vendor founded in 2023 and headquartered in Tel Aviv, IL. The vendor publicly documents coverage for EU AI Act, NIST AI RMF, ISO/IEC 42001, and SOC 2. Pricing is available on request. Profile last verified April 27, 2026, with every claim traceable to a cited public source.
About Lasso Security
Lasso Security provides an AI Security Platform that delivers visibility, control, and protection across AI models, agents, and applications for enterprises. The platform inventories AI assets including agents, models, prompts, tools, and guardrails via discovery and AI-BOM features. It offers AI Security Posture Management for misconfigurations, supply chain risks, and alignment with NIST and OWASP frameworks. Automated red teaming uses a library of over 3,000 attacks covering OWASP Top 10 and agentic threats like context poisoning. Runtime enforcement provides zero-latency decisions with remediation guidance, while AI Detection & Response leverages MITRE and OWASP for threat detection with 98.6% accuracy and sub-50ms latency, including intent analysis for anomalies. Lasso targets enterprises adopting GenAI, particularly regulated sectors, enabling secure innovation through real-time risk reduction, governance, and compliance support. The platform maps to frameworks like NIST AI RMF, EU AI Act, and ISO/IEC 42001 via runtime policies and audit trails, integrating with tools like Cloudflare and Palo Alto Networks.
Frameworks supported
Regulations and voluntary standards for which Lasso Security documents support in its own materials. Chip shading reflects the strength of the claim, not an independent audit.
Regulation · EU · in force
Voluntary standard · US · voluntary
Voluntary standard · Global · voluntary
Attestations held
Third-party security attestations and certifications that Lasso Security documents in its own materials. These are point-in-time auditor opinions, not regulatory compliance. Always request the current report or certificate directly from the vendor before relying on it.
Attestation · United States (AICPA)
Lasso Security features
Capabilities Lasso Security markets publicly. Inclusion means the feature is documented on the vendor's site — not that it's best-in-class. Last verified April 27, 2026.
AI Model Inventory
Centralized registry of all AI/ML models in use across the organization, with ownership, lifecycle stage, and risk classification.
Policy Management
Authoring, versioning, and distribution of AI usage policies mapped to regulations.
Risk Assessment Workflow
Guided workflows for completing AI impact assessments, risk scoring, and approval routing.
Model Monitoring
Production monitoring for performance, drift, data quality, and fairness regressions.
LLM Red Teaming
Automated adversarial testing of LLMs for jailbreaks, prompt injection, and unsafe outputs.
Audit Evidence Collection
Automated collection, hashing, and retention of evidence (model cards, test results, approvals) for audit.
Prompt Injection Defense
Detection and mitigation of malicious prompts intended to bypass system instructions or exfiltrate data.
AI Bill of Materials
Structured inventory of components, datasets, and models that make up an AI system.
Runtime Enforcement
Inline policy enforcement on AI inputs and outputs at request time.
AI Supply Chain Risk
Assessment of risks from third-party models, datasets, and AI service providers.
Integrations
Documented by Lasso Security in public product materials.
- Cloudflare
- Palo Alto Networks
- AWS GovCloud
Lasso Security pricing
Enterprise pricing only. Not publicly listed.
Pros and cons of Lasso Security
Pros
- Aligns with NIST AI RMF, OWASP Top 10, and MITRE via automated runtime policies and audit trails.
- Integrates with Cloudflare and Palo Alto Networks for network-level GenAI security without agents.
- Provides automated red teaming with 3,000+ attacks and 98.6% threat detection accuracy.
- Supports public sector via Lasso Federal on AWS GovCloud with FedRAMP alignment.
Cons
- No public pricing or free tier available.
- Focuses primarily on enterprise and regulated industries, less emphasis on SMBs.
- Employee count suggests early-stage scaling relative to largest competitors.
- No specific integrations with ML platforms like AWS SageMaker or Azure ML mentioned on homepage.
Frequently asked
What frameworks does Lasso map to?
Lasso maps controls to NIST AI RMF, EU AI Act, ISO/IEC 42001, OWASP Top 10 for LLMs, MITRE ATLAS, SOC 2, and GDPR via runtime enforcement and exportable evidence.
How does Lasso discover AI assets?
Discovery & AI-BOM inventories agents, models, prompts, tools, and guardrails, and tracks changes continuously.
What threats does Lasso detect?
Lasso detects prompt injection, data poisoning, tool manipulation, model theft, and behavioral anomalies with sub-50ms latency and 98.6% accuracy using intent analysis.
Is Lasso suitable for public sector?
Yes, Lasso Federal LLC offers solutions on AWS GovCloud for federal agencies, supporting FedRAMP, DoD SRG, ITAR, and CJIS compliance.
Does Lasso require agents?
No agents are needed for network integrations like Cloudflare; Lasso provides zero-latency enforcement.