Teams adopt Anthropic directly, often without the onboarding that governs the rest of your cloud. The organization has its own members and workspaces, pending invites, API keys, and a live inference surface, all outside the controls that protect the rest of your estate.
Today Turbot Guardrails brings the same prevention-first model to the Anthropic API platform. The new Anthropic Prevention mod adds objectives that govern who can reach the organization and its workspaces, which credentials stay valid, and where inference runs. Every objective is enforced directly at the Anthropic API and continuously remediated when the live state drifts.
Control Who Can Reach Your Organization
Much of the risk on a fresh AI platform is identity: an out-of-domain account that should never have joined, an over-privileged member, an API key that has not rotated in a year. Guardrails checks each of these against a policy you set and acts when the live state falls out of line.
Membership and invites are governed by an allowlist at both the organization and workspace levels. The email-domain controls remove existing members whose domain falls outside your list and reject out-of-domain invites. Stale invites are revoked once their age crosses your threshold. Roles are limited to your approved set, at the organization and per workspace. The Anthropic > Workspace > Excess Billing control limits the workspace billing-contact role to a single member, so billing routes to one accountable contact. Any extra holders are demoted to a regular member role on enforce.
API keys are long-lived credentials, easy to create and easy to forget. Anthropic > API Key > Active > Age flags any key past a maximum age you set, so stale keys get caught and rotated.
Anthropic identity, invite, role, and key-rotation objectives, each with its own coverage score.
Control Where Inference Runs
Another concern is geography. Anthropic > Workspace > Data Residency locks workspace inference to approved regions, pinning a default routing geo and refusing disallowed ones at the Anthropic API perimeter.
Workspace inference locked to an approved residency, with a default routing geo pinned.
Recommendations for Improvement
For each objective, Guardrails shows your current posture and the steps to close the gap.
Take workspace data residency. Guardrails flags the workspaces allowing inference outside your approved geos, and offers two ways to fix it:
- Config layer: set the workspace's allowed and default inference geos through the Anthropic API, so Anthropic refuses disallowed geos.
- Runtime layer: enforce the residency with the Anthropic > Workspace > Data Residency control, which re-applies your declared geos whenever the setting drifts.
Each option includes the deployment steps to roll it out across every workspace.
Each objective comes with its posture, implementation options, and deployment steps
Runtime Prevention
Each objective runs as a Guardrails control against the Anthropic API. It reads the live state on a schedule, compares it to your policy, and remediates the difference directly.
Take an out-of-domain member. When someone joins a workspace with an email outside your approved domains, the control moves to alarm and removes them through the Anthropic API. The same shape applies across the set: a residency setting that drifts is patched back to your approved geos, an over-aged key is flagged, an excess billing-role holder is demoted. The gap is found and closed without a ticket.
Prevention-First Security for Your Entire Stack
Preventive security for AI brings the same prevention-first approach that enterprise teams rely on for AWS, Azure, GCP, GitHub, and OCI. Block what should never happen at the access layer, enforce the right configuration at runtime, and correct drift automatically, the same defense in depth that protects the rest of your cloud. It is one part of a broader set of AI preventions launching this week.
Interested in bringing preventive security to your AI environment? Connect with us to get your free preventive security posture assessment.