Overview

Detects SQL operations on tables that are not within the limits set in the policy. Any operation on or with another table that is not listed in the policy will trigger the configured action.

Enable this policy for achieving the finest level of security for your SQL statements.

User: “I have a table called companies, write an SQL query that fetches the company revenue from the companies table.”

LLM Response: “SELECT revenue FROM companies;“

Policy details

This policy ensures that SQL commands are only executed on allowed tables.

Any attempt to access tables not listed in the policy will be the detected and the guardrail will carry out the chosen action, maintaining a high level of security for database operations.

Security Standards

  1. OWASP LLM Top 10 Mapping: LLM02: Insecure Output Handling.
  2. NIST Mapping: Access Enforcement.
  3. MITRE ATLAS Mapping: Exploit Public-Facing Application.