Customizing Guardrails
While Agent Ops Director includes a comprehensive set of default guardrails, organizations often have unique requirements that necessitate customization. This guide explains how to create and maintain custom guardrails tailored to your specific needs.
Understanding Custom Guardrails
Custom guardrails allow you to:
- Address industry-specific regulatory requirements
- Protect proprietary information and internal systems
- Match your organization's specific risk profile and policies
- Extend default guardrails with organization-specific knowledge
Creating a Custom Guardrail
To create a completely new custom guardrail:
- Navigate to the Guardrail Studio section
- Click the + New button
- Configure the guardrail basics:
- Name: A descriptive name for the guardrail
- Category: Select an appropriate category (Security, Regulatory, Operational)
- Description: Explain the guardrail's purpose and function
- Mode: Choose initial mode (Monitoring recommended for new guardrails)
- Click Save to create the guardrail shell
After creating the guardrail, you'll need to add detection rules, test cases, and other components as described in other guides.
Cloning and Extending Existing Guardrails
Often, it's easier to start with an existing guardrail and customize it:
- In Guardrail Studio, select the guardrail you want to use as a base
- Click the Clone button
- Modify the cloned guardrail's settings as needed
- Add, remove, or modify detection rules
- Update test cases to match your customizations
This approach is particularly useful when you want to build on the foundation of a default guardrail while adding organization-specific elements.
Customizing for Industry-Specific Needs
Different industries have unique requirements:
Healthcare
- Add custom rules for PHI detection beyond standard patterns
- Implement HIPAA-specific guardrails for compliance
- Create rules for medical terminology and patient identifiers
Financial Services
- Add detection rules for financial product terminology
- Implement guardrails for regulatory frameworks like FINRA
- Create rules for detecting financial accounts and transaction data
Legal
- Create guardrails for attorney-client privileged communications
- Add rules for detecting legal document structures
- Implement confidentiality controls specific to legal processes
Importing and Exporting Custom Guardrails
To share custom guardrails across environments:
- In the guardrail details view, click the Export button
- The guardrail definition will be exported in a standardized format
- In another environment, use the Import button to upload the guardrail
This functionality is useful for maintaining consistency across development, testing, and production environments.
Managing Custom Guardrail Rules
Custom guardrails often require specialized detection rules:
- Go to the Detection Rules tab of your custom guardrail
- Click + Add Detection Rule to create new rules
- Consider using the Import Rules option to add rules from a library
You can also use the Manage Library feature to maintain a collection of reusable rules across multiple guardrails.
Creating Organization-Specific Rule Categories
For better organization of custom rules:
- When adding a rule, click the category dropdown
- Select Create New Category
- Enter a name and description for your custom category
- Assign relevant rules to this category
Custom categories help maintain clarity when you have many organization-specific rules.
Testing Custom Guardrails
Thorough testing is especially important for custom guardrails:
- Create comprehensive test cases that cover your organization's specific scenarios
- Include both valid and invalid examples based on your organization's data
- Regularly update test cases as your organization's needs evolve
See Testing Guardrails for detailed testing workflows.
Best Practices for Custom Guardrails
- Document Extensively: Include clear descriptions of why the guardrail exists and how it works
- Version Control: Maintain a clear version history for custom guardrails
- Regular Review: Schedule periodic reviews of custom guardrails to ensure continued relevance
- Collaborative Development: Involve security, compliance, and business stakeholders in custom guardrail creation
- Gradual Deployment: Roll out custom guardrails gradually, starting in Monitoring mode
Next Steps
- Review creating detection rules for custom rule development
- Learn about testing guardrails for your custom implementations
- Explore monitoring analytics to evaluate custom guardrail effectiveness