Twin Gatekeeper Framework: Real-Time Dual-Model Vetting to Secure LLMs

Traditional security controls—such as web application firewalls (WAFs) and data loss prevention (DLP) systems—are ill-equipped to defend against a new class of semantic attacks on large language models (LLMs). Threats like prompt injection and context-aware data leakage exploit meaning rather than malicious syntax, rendering conventional tools architecturally blind to these attack vectors.

The Twin Gatekeeper framework addresses this challenge with a real-time architecture tailored for high-stakes environments like finance, healthcare, and government operations. This architecture uses a dual-model vetting process—sometimes informally called an "LLM-as-a-judge"—that pairs a powerful Generator LLM (e.g., Llama 3 70B) with a fast, specialized Checker LLM (e.g., Mistral 7B). The Checker evaluates all inputs and outputs against critical threats like Prompt Injection (LLM-01) and Sensitive Information Disclosure (LLM-06), offering key advantages in resilience and adaptability over simpler rule-based or single-model guardrails. With a verifiable latency overhead of just 100–400 ms, this session includes a demonstration of the framework in action and provides a practical, cost-effective path to deploying scalable, production-ready AI defenses.