Giskard
Open-source and enterprise AI red-teaming platform for LLM security and quality testing
France🌐EU-hostable; SaaS, private cloud, and on-premise options with data residency and isolation. EU-sovereign Guards deployment available.About Giskard
Giskard was founded in 2021 in Paris by Alex Combessie and Jean-Marie John-Mathews (co-CEOs), both formerly of Dataiku, with a background spanning machine-learning engineering and AI-ethics research. The company is incorporated in France as Giskard SAS and operates an open-core business model: a free, widely adopted open-source library for LLM and ML testing alongside a commercial enterprise Hub for production AI security. The platform specialises in continuous red teaming, running 50+ automated adversarial probes (including multi-turn attacks) to surface hallucinations, prompt-injection and jailbreak vulnerabilities, toxicity, and robustness issues. For RAG systems it provides fine-grained quality metrics such as correctness and groundedness, and it integrates into CI/CD pipelines so AI quality and security regressions are caught before deployment. Giskard has also launched Guards, positioned as an independent, EU-sovereign guardrail layer that lets regulated enterprises secure AI applications on-premise. Giskard offers hybrid deployment across SaaS, private cloud, and on-premise, with data residency and isolation, a stated zero-training policy on customer data, and IP protection. As a European entity it provides native GDPR alignment alongside SOC 2 Type II and HIPAA compliance, with SSO and role-based access controls on the enterprise tier. This combination makes it well-suited to regulated EU sectors such as banking and insurance — its customer base includes AXA, BNP Paribas, and Michelin. The company raised a seed round with backers including Elaia and Bessemer Venture Partners, and has received non-dilutive support from the European Commission (EIC) and Bpifrance. For European enterprises seeking AI assurance from an EU-incorporated, EU-hostable vendor that explicitly does not train on customer data, Giskard is a strong data-sovereignty play in the AI-governance and testing space.
TrustKit Score Breakdown
?92% ExcellentPricing
FreemiumFree tierQuick Facts
Frequently Asked Questions
Is Giskard GDPR compliant?
Giskard has a TrustKit compliance score of 92% (Excellent). Data Residency: EU-incorporated vendor offering EU data residency with SaaS, private-cloud, and full on-premise deployment, plus an explicitly EU-sovereign guardrail product (Guards). Data isolation is a core selling point for regulated customers.. Legal Jurisdiction: Incorporated in France as Giskard SAS with no US parent. Subject to French and EU law and GDPR directly; not exposed to the US CLOUD Act for EU-hosted deployments..
Where does Giskard store data?
Giskard hosts data in: EU-hostable; SaaS, private cloud, and on-premise options with data residency and isolation. EU-sovereign Guards deployment available.. EU-incorporated vendor offering EU data residency with SaaS, private-cloud, and full on-premise deployment, plus an explicitly EU-sovereign guardrail product (Guards). Data isolation is a core selling point for regulated customers.
Does Giskard train on user data?
Giskard: Zero-training policy — Giskard does not train on customer data; IP protection guaranteed.. States a zero-training policy on customer data with IP protection, and offers data isolation plus enterprise retention controls via private-cloud/on-premise deployment. DPA available as an EU SOC 2 / HIPAA vendor.
What certifications does Giskard hold?
Giskard holds: SOC 2 Type II, HIPAA. SOC 2 Type II and HIPAA compliance are publicly stated. ISO 27001 was not found in public sources, which would strengthen the posture; certifications scored on the confirmed SOC 2 Type II.
Compare Giskard With
OneTrust
Osapiens
Aikido SecuritySimilar Tools
