Lakera
Also known as: Lakera AI, Lakera Guard
AI native security platform that protects LLMs and agents from prompt injection, jailbreaks, and data leakage at runtime, with continuous red teaming.
Lakera is an AI native security platform that protects large language models, generative AI, and agentic applications from attacks aimed at the AI layer itself, rather than only the network or endpoint. Founded in 2021 in Zurich by David Haber, Mateo Rojas-Carulla, and Matthias Kraft, with founders drawn from Google, Meta, and aerospace AI, the company was acquired by Check Point Software Technologies in a deal announced in September 2025 and estimated at around three hundred million dollars. Lakera now forms the foundation of Check Point's Global Center of Excellence for AI Security, with its technology being integrated into the Check Point Infinity platform.
The platform centers on two products. Lakera Guard provides real time runtime protection through a single API that sits in front of an application's models and agents, screening prompts, retrieval augmented generation, and MCP traffic to block prompt injection, jailbreaks, data and PII leakage, and model manipulation. The company reports detection rates above ninety eight percent with latency under fifty milliseconds and false positives below half a percent, and coverage across more than one hundred languages, so enterprises can enforce policy on AI traffic without slowing it down.
Lakera Red handles the other side of the lifecycle with pre deployment security assessments and continuous red teaming, probing AI systems for weaknesses before and after they ship. Much of Lakera's threat intelligence comes from Gandalf, an interactive AI security game that has drawn more than a billion players who try to trick a chatbot into revealing secrets, generating more than eighty million adversarial attack patterns that feed back into the detection models. A dedicated research team keeps the platform adapting to new attack techniques.
Lakera is delivered as an API based, cloud service with on premises options, and serves Fortune 500 enterprises. Following the Check Point acquisition, it is increasingly sold through the Infinity platform, appearing first in Check Point CloudGuard WAF and GenAI Protect, with existing Infinity customers able to add AI security as a capability inside their current deployments. Commercial pricing is not publicly listed and is handled through enterprise sales, though the Gandalf game remains a free, public way to explore the kind of attacks the platform defends against.
Vendor details
Canonical URL
https://www.lakera.ai
Category
Agent infrastructure
Subcategory
AI security and red teaming
Funding status
Founded in 2021 in Zurich by David Haber (CEO), Mateo Rojas-Carulla, and Matthias Kraft, with founders drawn from Google, Meta, and aerospace AI, and R&D centers in Zurich and San Francisco. Acquired by Check Point Software Technologies (NASDAQ: CHKP) in a deal announced September 2025, estimated at around $300M and expected to close in Q4 2025, with Lakera forming the foundation of Check Point's Global Center of Excellence for AI Security. Serves Fortune 500 enterprises.
Company status
acquired
Use cases & customers
Primary use cases
Target customers
Deployment options
Integrations
Delivered as a single API that sits in front of LLMs, generative AI, and agents, protecting prompts, RAG, and MCP traffic, and integrating into Check Point's Infinity platform including CloudGuard WAF and GenAI Protect. Supports more than 100 languages with sub-50ms latency.
In practice
Your customer facing chatbot can be tricked into leaking system prompts or PII. You put Lakera Guard in front of it through one API, blocking prompt injection and data leakage in real time.
Before launching an agent with tool access, you need to know how it can be exploited. Lakera Red red teams it pre deployment, surfacing the prompt and jailbreak weaknesses an attacker would find first.
Your agents call external MCP servers and you worry about manipulation or exfiltration. Lakera screens prompt, RAG, and MCP traffic and flags abnormal behavior before a compromised tool can act.
Sources & related URLs
Related / legacy domains
Capability coverage
5.0 / 14 capabilities · 36%
| Integrations & Tool CallingA single API that sits in front of LLMs and agents and screens prompt, RAG, and MCP traffic, with integration into the Check Point Infinity platform including CloudGuard WAF and GenAI Protect, but it is a security layer rather than a tool calling hub. | Partial |
|---|---|
| Workflow OrchestrationScreens and protects AI traffic but does not orchestrate agent workflows, sequencing, or branching. | Unable to verify |
| Knowledge Grounding & RAGScreens RAG traffic for security threats but does not itself provide retrieval or knowledge grounding. | Unable to verify |
| Human Oversight & GuardrailsCore product. Lakera Guard is a runtime guardrail engine that enforces policy on AI traffic in real time, blocking prompt injection, jailbreaks, data and PII leakage, and model manipulation before they reach the model or agent. | Full |
| Security, Identity & GovernanceCore product. AI native security is the entire platform, defending LLMs and agents against prompt injection, data leakage, and model manipulation with detection above 98 percent and continuous threat intelligence, now part of Check Point's AI security stack. | Full |
| Observability & AuditabilityDetects and logs attacks and abnormal AI behavior, with telemetry that feeds into Check Point analytics like ThreatCloud and SmartEvent, but it is security monitoring rather than general agent observability of cost, latency, and traces. | Partial |
| Memory & State PersistenceProvides runtime security and does not offer an agent memory or state persistence layer. | Unable to verify |
| Deployment & Data ResidencyAPI based and cloud delivered with on premises options, giving deployment flexibility, though the detailed residency matrix is handled through enterprise and Check Point deployment rather than a documented self host product. | Partial |
| Prebuilt Agents, Templates & PacksMaintains a large adversarial pattern library for detection, but offers no prebuilt agents, templates, or installable packs. | Unable to verify |
| Triggers & Channel CoverageOperates inline on AI traffic and raises security alerts on detection, but provides no agent triggers, scheduling, or conversational channel coverage. | Unable to verify |
| Model Flexibility & RoutingModel agnostic, protecting any LLM or provider it sits in front of across multimodal workflows, but it is not a routing or model traffic gateway. | Partial |
| APIs, SDKs & MCP ExtensibilityA developer API for inline protection with SDK integration and explicit MCP traffic awareness, though it exposes a security API rather than a broad extensibility or MCP server surface. | Partial |
| Testing, Debugging & OptimizationLakera Red provides pre deployment security assessments and continuous red teaming of AI systems, a strong adversarial testing capability, though it is focused on security rather than general quality evaluation and regression testing. | Partial |
| Browser & Computer UseNot applicable. Lakera is an AI security layer and does not provide browser automation or computer use. | Unable to verify |
Pricing
Contact sales (enterprise, via Check Point Infinity) · free Gandalf testing game
Enterprise licensing, typically by usage and deployment scope; sold through Check Point's Infinity platform and not publicly itemized
Included quota
Not public. Lakera Guard (runtime protection) and Lakera Red (red teaming) are licensed through enterprise agreements, increasingly via Check Point Infinity, where AI security can be added to existing deployments.
What is public
Product structure (Lakera Guard for runtime protection, Lakera Red for red teaming), performance claims, and the free Gandalf game are public. Dollar pricing is not.
Billing mechanics
Enterprise licensing, increasingly delivered through Check Point Infinity as an add on for existing customers or a standalone AI security capability. No public per request or seat pricing.
Cost watchouts
Runtime screening scales with AI traffic volume, and packaging is moving into Check Point Infinity, which can bundle AI security with broader platform licensing.
Variable cost rationale
As a runtime API screening every prompt and response, cost typically scales with AI traffic volume, but exact metering and rates are set in enterprise agreements and not public.
Additional watchouts
Commercial terms now flow through Check Point's enterprise motion, so pricing and packaging may track the Infinity platform rather than standalone Lakera plans. Buyers not already on Check Point should confirm standalone availability.
Overage / add-ons
Not publicly disclosed; commercial terms are set through enterprise sales.
Sales call required
Yes — required for paid access
Free / trial
Gandalf, the company's adversarial AI security game, is free to play. Commercial Lakera Guard and Lakera Red pricing is handled through sales.
Lowest paid plan
Not public; sold through enterprise sales and the Check Point Infinity platform
Commercial notes
Now part of Check Point Software. Sold to Fortune 500 enterprises through the Check Point go to market, with the runtime API offering near immediate time to protect. Gandalf serves as a free, public on ramp and intelligence source.
Key ambiguities
How Lakera is now priced and packaged standalone versus inside Check Point Infinity, and the metering unit, are not public.
Cancellation / refund
Not publicly disclosed; set in enterprise agreements.
Support SLA / resale
Enterprise support through Check Point, including the Infinity Portal already used for its other security products.
Missing data
All dollar pricing, metering units, and contract terms are set through enterprise sales and not public.
Related vendors
- AgentOps — Agent observability and reliability platform with broad model and…
- Agno — High-performance agent runtime and framework (formerly Phidata) with…
- Apify — Cloud platform for web scraping and automation with 45,000+ prebuilt…
- Arcade — Authenticated tool calling platform and MCP runtime that handles…
- Arize AI — AI observability and evaluation platform that traces, evaluates, and…
- Braintrust — AI evaluation and observability platform with self-serve pricing,…