A platform vs. a runtime layer.
Lakera (now part of Cisco AI Defense) is an excellent runtime guard for prompt injection and jailbreaks. STACK Vault is the full AI security platform — identity, runtime defense, compliance, and audit — sized for SMB teams, MSP-delivered, or enterprise rollouts.
What each one is built for
STACK Vault
Multi-tenant AI security platform covering identity (Vault), runtime defense (Shield), agent governance (Conductor), data pipeline (Beacon), and compliance evidence (Compli). One operator view, MSP-friendly tenancy, packaged for SMB through enterprise.
Lakera (Cisco AI Defense)
Runtime prompt injection and jailbreak detection sitting between users and your LLM. Sub-50ms latency, Gandalf-trained models, strong research authority. Best-in-class at one job: blocking malicious inputs and outputs.
Together
You can run Lakera in front of your LLMs and STACK Vault around the rest of the AI estate — identity, audit, compliance. Or replace the runtime layer with STACK Shield and consolidate operations into one console.
Where each one wins
AI agent identity & non-human identity
STACK Vault. Lakera does not issue agent identities. STACK Vault treats every agent and tool-caller as a first-class identity with scoped capabilities and audit lineage.
Prompt injection blocking
Lakera leads on research and has the most-cited prompt-injection dataset (Gandalf). STACK Shield ships the same class of runtime defense plus full audit signing into Vault.
Multi-tenant + MSP delivery
STACK Vault. Tenant-isolated workspaces, role-scoped console, and per-tenant billing make it MSP-friendly out of the box. Lakera is a developer API; multi-tenant orchestration is on you.
Compliance evidence
STACK Vault + Compli. Signed evidence mapped to NIST AI RMF, ISO 42001, EU AI Act, SOC 2. Lakera focuses on detection — you assemble evidence yourself.
Common questions
We already use Lakera. Should we switch?
Not necessarily. Lakera is excellent at its specialty. The decision is whether you want a single platform across identity, runtime, agent governance, and compliance — or specialized tools per layer. Many teams add STACK Vault for everything Lakera does not cover.
Does STACK Vault have prompt injection defense?
Yes — STACK Shield is the runtime defense layer. It blocks prompt injection, jailbreaks, and indirect attacks, signs the decision into the audit stream, and integrates with your identity policies.
We are an MSP. Can we deliver STACK Vault as a service?
Yes. STACK Vault is built multi-tenant. Each customer gets an isolated workspace; you manage them from one MSP console. Lakera is designed for one-team consumption — wrapping it for multiple downstream customers is on you.
Lakera is now Cisco. Why not just go with Cisco AI Defense?
If your stack is already Cisco-centric (Umbrella, Duo, ThousandEyes), AI Defense slots in well. STACK Vault is independent of vendor stack and packages identity + runtime + compliance for teams that do not want to commit to a single vendor.