Back to vendors
L

Lakera

Also known as: Lakera AI, Lakera Guard

Visit site
Agent infrastructureacquiredVerified 2026-06-30

AI native security platform that protects LLMs and agents from prompt injection, jailbreaks, and data leakage at runtime, with continuous red teaming.

Lakera is an AI native security platform that protects large language models, generative AI, and agentic applications from attacks aimed at the AI layer itself, rather than only the network or endpoint. Founded in 2021 in Zurich by David Haber, Mateo Rojas-Carulla, and Matthias Kraft, with founders drawn from Google, Meta, and aerospace AI, the company was acquired by Check Point Software Technologies in a deal announced in September 2025 and estimated at around three hundred million dollars. Lakera now forms the foundation of Check Point's Global Center of Excellence for AI Security, with its technology being integrated into the Check Point Infinity platform.

The platform centers on two products. Lakera Guard provides real time runtime protection through a single API that sits in front of an application's models and agents, screening prompts, retrieval augmented generation, and MCP traffic to block prompt injection, jailbreaks, data and PII leakage, and model manipulation. The company reports detection rates above ninety eight percent with latency under fifty milliseconds and false positives below half a percent, and coverage across more than one hundred languages, so enterprises can enforce policy on AI traffic without slowing it down.

Lakera Red handles the other side of the lifecycle with pre deployment security assessments and continuous red teaming, probing AI systems for weaknesses before and after they ship. Much of Lakera's threat intelligence comes from Gandalf, an interactive AI security game that has drawn more than a billion players who try to trick a chatbot into revealing secrets, generating more than eighty million adversarial attack patterns that feed back into the detection models. A dedicated research team keeps the platform adapting to new attack techniques.

Lakera is delivered as an API based, cloud service with on premises options, and serves Fortune 500 enterprises. Following the Check Point acquisition, it is increasingly sold through the Infinity platform, appearing first in Check Point CloudGuard WAF and GenAI Protect, with existing Infinity customers able to add AI security as a capability inside their current deployments. Commercial pricing is not publicly listed and is handled through enterprise sales, though the Gandalf game remains a free, public way to explore the kind of attacks the platform defends against.

Vendor details

Canonical URL

https://www.lakera.ai

Category

Agent infrastructure

Subcategory

AI security and red teaming

Funding status

Founded in 2021 in Zurich by David Haber (CEO), Mateo Rojas-Carulla, and Matthias Kraft, with founders drawn from Google, Meta, and aerospace AI, and R&D centers in Zurich and San Francisco. Acquired by Check Point Software Technologies (NASDAQ: CHKP) in a deal announced September 2025, estimated at around $300M and expected to close in Q4 2025, with Lakera forming the foundation of Check Point's Global Center of Excellence for AI Security. Serves Fortune 500 enterprises.

Company status

acquired

Use cases & customers

Primary use cases

LLM and agent runtime securityprompt injection defensedata leakage preventionAI red teamingGenAI guardrails

Target customers

enterprisesecurity teams

Deployment options

SaaSon-prem

Integrations

Delivered as a single API that sits in front of LLMs, generative AI, and agents, protecting prompts, RAG, and MCP traffic, and integrating into Check Point's Infinity platform including CloudGuard WAF and GenAI Protect. Supports more than 100 languages with sub-50ms latency.

In practice

Your customer facing chatbot can be tricked into leaking system prompts or PII. You put Lakera Guard in front of it through one API, blocking prompt injection and data leakage in real time.

Before launching an agent with tool access, you need to know how it can be exploited. Lakera Red red teams it pre deployment, surfacing the prompt and jailbreak weaknesses an attacker would find first.

Your agents call external MCP servers and you worry about manipulation or exfiltration. Lakera screens prompt, RAG, and MCP traffic and flags abnormal behavior before a compromised tool can act.

Capability coverage

5.0 / 14 capabilities · 36%

Integrations & Tool CallingA single API that sits in front of LLMs and agents and screens prompt, RAG, and MCP traffic, with integration into the Check Point Infinity platform including CloudGuard WAF and GenAI Protect, but it is a security layer rather than a tool calling hub. Partial
Workflow OrchestrationScreens and protects AI traffic but does not orchestrate agent workflows, sequencing, or branching. Unable to verify
Knowledge Grounding & RAGScreens RAG traffic for security threats but does not itself provide retrieval or knowledge grounding. Unable to verify
Human Oversight & GuardrailsCore product. Lakera Guard is a runtime guardrail engine that enforces policy on AI traffic in real time, blocking prompt injection, jailbreaks, data and PII leakage, and model manipulation before they reach the model or agent. Full
Security, Identity & GovernanceCore product. AI native security is the entire platform, defending LLMs and agents against prompt injection, data leakage, and model manipulation with detection above 98 percent and continuous threat intelligence, now part of Check Point's AI security stack. Full
Observability & AuditabilityDetects and logs attacks and abnormal AI behavior, with telemetry that feeds into Check Point analytics like ThreatCloud and SmartEvent, but it is security monitoring rather than general agent observability of cost, latency, and traces. Partial
Memory & State PersistenceProvides runtime security and does not offer an agent memory or state persistence layer. Unable to verify
Deployment & Data ResidencyAPI based and cloud delivered with on premises options, giving deployment flexibility, though the detailed residency matrix is handled through enterprise and Check Point deployment rather than a documented self host product. Partial
Prebuilt Agents, Templates & PacksMaintains a large adversarial pattern library for detection, but offers no prebuilt agents, templates, or installable packs. Unable to verify
Triggers & Channel CoverageOperates inline on AI traffic and raises security alerts on detection, but provides no agent triggers, scheduling, or conversational channel coverage. Unable to verify
Model Flexibility & RoutingModel agnostic, protecting any LLM or provider it sits in front of across multimodal workflows, but it is not a routing or model traffic gateway. Partial
APIs, SDKs & MCP ExtensibilityA developer API for inline protection with SDK integration and explicit MCP traffic awareness, though it exposes a security API rather than a broad extensibility or MCP server surface. Partial
Testing, Debugging & OptimizationLakera Red provides pre deployment security assessments and continuous red teaming of AI systems, a strong adversarial testing capability, though it is focused on security rather than general quality evaluation and regression testing. Partial
Browser & Computer UseNot applicable. Lakera is an AI security layer and does not provide browser automation or computer use. Unable to verify

Recent platform changes

No recent material changes tracked yet.

Pricing

Contact sales (enterprise, via Check Point Infinity) · free Gandalf testing game

Enterprise licensing, typically by usage and deployment scope; sold through Check Point's Infinity platform and not publicly itemized

Contact onlyMedium variable cost

Included quota

Not public. Lakera Guard (runtime protection) and Lakera Red (red teaming) are licensed through enterprise agreements, increasingly via Check Point Infinity, where AI security can be added to existing deployments.

What is public

Product structure (Lakera Guard for runtime protection, Lakera Red for red teaming), performance claims, and the free Gandalf game are public. Dollar pricing is not.

Billing mechanics

Enterprise licensing, increasingly delivered through Check Point Infinity as an add on for existing customers or a standalone AI security capability. No public per request or seat pricing.

Cost watchouts

Runtime screening scales with AI traffic volume, and packaging is moving into Check Point Infinity, which can bundle AI security with broader platform licensing.

Variable cost rationale

As a runtime API screening every prompt and response, cost typically scales with AI traffic volume, but exact metering and rates are set in enterprise agreements and not public.

Additional watchouts

Commercial terms now flow through Check Point's enterprise motion, so pricing and packaging may track the Infinity platform rather than standalone Lakera plans. Buyers not already on Check Point should confirm standalone availability.

Overage / add-ons

Not publicly disclosed; commercial terms are set through enterprise sales.

Sales call required

Yes — required for paid access

Free / trial

Gandalf, the company's adversarial AI security game, is free to play. Commercial Lakera Guard and Lakera Red pricing is handled through sales.

Lowest paid plan

Not public; sold through enterprise sales and the Check Point Infinity platform

Commercial notes

Now part of Check Point Software. Sold to Fortune 500 enterprises through the Check Point go to market, with the runtime API offering near immediate time to protect. Gandalf serves as a free, public on ramp and intelligence source.

Key ambiguities

How Lakera is now priced and packaged standalone versus inside Check Point Infinity, and the metering unit, are not public.

Cancellation / refund

Not publicly disclosed; set in enterprise agreements.

Support SLA / resale

Enterprise support through Check Point, including the Infinity Portal already used for its other security products.

Missing data

All dollar pricing, metering units, and contract terms are set through enterprise sales and not public.

Verified 2026-06-30

Contact us

Found a vendor we missed? Have feedback on the index? We'd love to hear from you.

Agentic AI Index

A directory and comparison resource for AI agent platforms, autonomous workflow tools, and enterprise agentic automation products.

© 2026 Agentic AI Index

3801 N Capital of Texas Hwy, Ste E240 · Austin, TX 78746

Researched from public vendor sources. See Methodology.