About Policies

UnifAI policies are your built-in controls for AI security and compliance. Instead of manually tracking complex regulations, UnifAI automates policy enforcement across your AI ecosystem.

The policies are assigned a severity level (Critical, High, Medium and Low) and span across four domains — AI Threats and Exploits, Data Security and Privacy, Identity and Access Control, and Vulnerability.

UnifAI policies provide the following benefits:

• Automates consistent policy enforcement across AI assets to reduce manual review and human error.

• Strengthens AI systems against prompt injection, unsafe outputs, and misuse.

• Maintains region-aware PII detection models for US, EU, Singapore, and other jurisdictions, along with aligned redaction rules.

• Identifies and mitigates known open source and transitive dependency vulnerabilities.

• Generates structured remediation playbooks and AI-assisted fix guidance for secure implementation.

• Stores a curated, version-controlled policy repository accessible within UnifAI.

• Defines which policies apply to specific AI asset types such as LLMs, AI Agents, and MCP servers.

• Maps policies to global frameworks including NIST SSDF, OWASP, EU AI Act, and PDPA.

• Supports refinement of organization-specific AI governance rules and control configurations, and reviews custom enterprise policies for safety and completeness.

• Centralizes policy management to improve visibility, governance, and compliance.

UnifAI supports the following policy‑related actions:

1. View all policies

2. Enable or disable policies

3. Upload custom policies