Back to vendors
C

CalypsoAI

Also known as: Calypso AI, F5 AI Guardrails

Visit site
Agent infrastructureacquiredVerified 2026-06-30

Enterprise AI security platform that red teams, defends, and monitors AI models, apps, and agents at the inference layer. Now an F5 company.

CalypsoAI is an enterprise AI security platform that protects AI models, applications, and agents at the inference layer, the live moment when a model takes input and produces output. The company was founded in 2018 and began with national security work in Dublin and Washington before expanding into the commercial market. In September 2025 it was acquired by F5, the application delivery and security vendor, for $180 million, and its technology is being folded into the F5 Application Delivery and Security Platform under the F5 AI Guardrails name while keeping its model agnostic, vendor neutral approach.

The platform is organized as an inference perimeter built from three modules. Inference Red Team runs autonomous adversarial testing, firing thousands of attack prompts at a system to surface prompt injection, jailbreaks, and bias, and generates more than 10,000 fresh attack patterns each month to produce a risk score. Inference Defend applies real time guardrails and scanners that block prompt injection, sensitive data leakage, and policy violations as they happen. Inference Observe gives security teams centralized visibility, policy control, and audit logs across their whole AI estate.

Because protection sits at the inference layer rather than inside any one model, the same controls apply across providers, clouds, and environments, which matters to buyers who do not want to be locked to a single AI vendor. A process the company calls MutAIt lets defenses adapt as new attacks appear, rather than relying on static rules. The platform exposes a model agnostic API and connects natively to SIEM and SOAR tools, along with ticketing, identity, and notification systems, so AI specific threats show up in the same workflows security teams already run.

CalypsoAI is used by Fortune 500 organizations in financial services, consumer goods, critical infrastructure, and healthcare, and its centralized observability and audit trails are aimed at GDPR and EU AI Act obligations. It deploys as SaaS, on premises, or hybrid. Pricing is subscription based and sold through sales, scaled by inference volume, data processed, and the modules a customer turns on, with no public price list. Following the F5 acquisition, the capability is increasingly delivered as part of F5 AI Guardrails.

Vendor details

Canonical URL

https://calypsoai.com

Category

Agent infrastructure

Subcategory

AI security and red teaming

Funding status

Founded 2018 (Dublin, Ireland and Washington, DC), originally serving national security use cases before expanding to the commercial market. Acquired by F5 (NASDAQ: FFIV) for $180M in a deal announced September 2025, and being integrated into the F5 Application Delivery and Security Platform as F5 AI Guardrails.

Company status

acquired

Use cases & customers

Primary use cases

AI red teamingprompt injection defenseAI runtime guardrailsAI observabilityAI compliance

Target customers

enterprisesecurity teamsregulated industries

Deployment options

SaaSon-premhybrid

Integrations

Model agnostic API that works across AI providers and clouds, with native integration into SIEM and SOAR, plus ticketing, identity, and notification systems. Now being embedded into the F5 Application Delivery and Security Platform alongside WAF and API security.

In practice

Your security team needs to know whether your production LLM can be jailbroken before attackers do. CalypsoAI's red team fires thousands of evolving attack prompts at it and returns a risk score.

You are rolling out agents across several model providers and cannot bolt a different security tool onto each one. You put CalypsoAI at the inference layer so one set of guardrails covers every model and cloud.

Compliance is asking how you monitor and audit AI use across the company. Inference Observe gives you centralized visibility, policy control, and audit logs across the whole AI estate for GDPR and EU AI Act reporting.

Capability coverage

7.5 / 14 capabilities · 54%

Integrations & Tool CallingModel agnostic API with native integration into SIEM, SOAR, ticketing, identity, and notification systems, but it does not provide agent tool calling. Partial
Workflow OrchestrationEnforces security policies and guardrails at the inference layer but does not orchestrate agent workflows or runtime execution. Unable to verify
Knowledge Grounding & RAGA security and guardrails layer with no retrieval or knowledge grounding capability of its own. Unable to verify
Human Oversight & GuardrailsCore product. The Inference Defend module applies real time guardrails and scanners that block prompt injection, sensitive data leakage, and policy violations, with human defined policies and centralized policy control. Full
Security, Identity & GovernanceThe entire product is AI security and governance: runtime threat defense, RBAC, audit logs, identity integration, and compliance support for GDPR and the EU AI Act. Full
Observability & AuditabilityThe Inference Observe module provides centralized visibility into AI usage, policy control, and audit logs across the AI estate. Full
Memory & State PersistenceLogs and audits AI interactions for security, but does not provide a runtime memory or state layer for agents. Unable to verify
Deployment & Data ResidencyDeploys as SaaS, on premises, or hybrid across cloud and on premises environments, giving regulated buyers control over where data and inference are processed. Full
Prebuilt Agents, Templates & PacksShips customizable defensive scanners and a continuously growing library of more than 10,000 attack patterns a month, which are prebuilt security content rather than prebuilt agents. Partial
Triggers & Channel CoverageReal time defenses trigger blocks and alerts on detected threats and route to notification and SIEM channels, but it provides no agent invocation channels or schedulers. Partial
Model Flexibility & RoutingModel and provider agnostic, applying the same controls across any model and cloud at the inference perimeter, but it does not route model traffic. Partial
APIs, SDKs & MCP ExtensibilityExposes a model agnostic API and customizable, extensible scanners and policies with broad security tool integrations, but published SDK and MCP extensibility is limited. Partial
Testing, Debugging & OptimizationThe Inference Red Team module runs automated adversarial testing at scale, firing thousands of attack prompts and generating over 10,000 new attack patterns monthly to surface vulnerabilities and produce a risk score that drives hardening. Full
Browser & Computer UseNot applicable. CalypsoAI is an AI security platform and does not provide browser automation or computer use. Unable to verify

Recent platform changes

No recent material changes tracked yet.

Pricing

Contact sales

Subscription scaled by inference request volume, data processed, and modules enabled

Contact onlyHigh variable cost

Included quota

Not publicly disclosed. Allowances are set per contract based on inference volume and data processed.

What is public

Publicly, CalypsoAI is described as a subscription product sold by quote, scaled by inference volume, data, and modules. No dollar figures are published.

Billing mechanics

Subscription priced by usage tiers tied to inference request volume and data processed, plus the modules a customer enables (Inference Red Team, Inference Defend, Inference Observe). Sold and quoted through sales rather than self serve.

Cost watchouts

Total cost scales with inference volume, data processed, and the number of modules (Red Team, Defend, Observe) enabled. Post acquisition packaging may shift to F5 AI Guardrails licensing.

Variable cost rationale

Cost is tied to inference request volume and data processed, which grow with production AI usage, and to how many modules are enabled. With no public rates, exposure is hard to bound in advance.

Additional watchouts

Pricing and packaging are in flux due to the F5 acquisition. Buyers should confirm whether they are purchasing the standalone CalypsoAI platform or F5 AI Guardrails.

Overage / add-ons

Not publicly disclosed; usage tiers and overage are negotiated in the subscription.

Sales call required

Yes — required for paid access

Free / trial

No public free tier; demos and evaluations arranged through sales

Lowest paid plan

None published; pricing is by quote

Commercial notes

Aimed at large enterprises and regulated industries with dedicated security operations. Sold with vendor support and SLAs. Now an F5 company, with the capability moving into F5 AI Guardrails and the broader F5 Application Delivery and Security Platform.

Key ambiguities

No public pricing exists, and packaging is in transition as the product is integrated into the F5 Application Delivery and Security Platform.

Cancellation / refund

Enterprise contract terms; not publicly disclosed.

Support SLA / resale

Vendor support and SLAs are part of the commercial offering; specifics are negotiated per contract.

Missing data

No public price points, tier thresholds, or overage rates. Current packaging under F5 is not yet publicly detailed.

Verified 2026-06-30

Contact us

Found a vendor we missed? Have feedback on the index? We'd love to hear from you.

Agentic AI Index

A directory and comparison resource for AI agent platforms, autonomous workflow tools, and enterprise agentic automation products.

© 2026 Agentic AI Index

3801 N Capital of Texas Hwy, Ste E240 · Austin, TX 78746

Researched from public vendor sources. See Methodology.