Policies & Rules
Define custom security rules and content policies for your AI applications.
What are Policies?
Policies are customizable rules that define what content is allowed or blocked in your AI interactions. They give you fine-grained control over security and compliance.
Policy Types
Content Policies
Block or filter specific types of content (topics, keywords, sentiment)
Data Policies
Control how sensitive data is handled (PII redaction, data retention)
User Policies
Set permissions and rate limits per user or role
Compliance Policies
Pre-built templates for HIPAA, PCI-DSS, GDPR compliance
Creating a Policy
// Create a custom policy
const policy = await talon.policies.create({
name: 'block-competitor-mentions',
description: 'Block any mentions of competitor products',
rules: [
{
type: 'keyword',
action: 'block',
keywords: ['CompetitorA', 'CompetitorB'],
message: 'Competitor mentions are not allowed'
}
]
});
// Apply policy to requests
const result = await talon.analyze({
content: userInput,
policies: ['block-competitor-mentions']
});Policy Actions
| Action | Description |
|---|---|
| block | Reject the request entirely |
| redact | Remove or mask matching content |
| flag | Allow but mark for review |
| log | Allow and log for monitoring |
Managing Policies
Policies can be managed via the API or through the TalonAI Dashboard. The dashboard provides a visual editor for creating and testing policies.