CrowdStrike Falcon AIDR Response

Third Party: This plugin is developed, tested, and maintained by CrowdStrike.
Compatible Protocols: http, https
Minimum Version: Kong Gateway 3.8

The CrowdStrike Falcon AIDR Response plugin intercepts LLM responses before they are returned to the client, evaluating them against CrowdStrike’s AIDR output rules in real time. Responses that violate your security policies can be redacted, masked, or blocked at the gateway. No application code changes are required.

Integrating the CrowdStrike Falcon AIDR Response plugin into your Kong Gateway allows you to:

  • Redact PII and sensitive data from LLM output: Automatically mask or remove sensitive content before it reaches the client.
  • Block non-compliant LLM responses: Enforce output rules to prevent harmful, restricted, or policy-violating content from being delivered.
  • Centralize AI security visibility: Stream audit events to the CrowdStrike Falcon AIDR console and Next-Gen SIEM without modifying your application.

Use this plugin together with the CrowdStrike Falcon AIDR Request plugin to protect both sides of your AI traffic.

How it works

The CrowdStrike Falcon AIDR Response plugin runs in the response phase. After the upstream LLM returns a response, the plugin submits it to the CrowdStrike Falcon AIDR AI Guard API for evaluation against your output rules. Based on the verdict, the plugin either delivers the (potentially redacted) response or blocks it before it reaches the client.

 
sequenceDiagram
    autonumber
    participant Client
    participant LLM
    participant Plugin as Kong Gateway AIDR Response plugin
    participant AIDR as CrowdStrike Falcon AIDR
    Client->>LLM: Send request (via Kong Gateway)
    LLM->>Plugin: Return LLM response
    Plugin->>AIDR: Submit response against output rules
    AIDR->>Plugin: Verdict
    alt If response is flagged
        Plugin->>Client: Return blocked or redacted response
    else If response is allowed
        Plugin->>Client: Return LLM response
    end

Figure 1: Response flow showing how the CrowdStrike Falcon AIDR Response plugin evaluates LLM responses against CrowdStrike Falcon AIDR output rules. Flagged responses are blocked or redacted (step 5), while allowed responses are returned to the client (step 6).

LLM support

The CrowdStrike Falcon AIDR Response plugin supports LLM requests routed to major providers. Each provider is mapped to a translator module internally and can be referenced by name in the config.upstream_llm.provider field.

The following providers are supported, along with their corresponding provider module names:

  • Anthropic Claude: anthropic
  • Azure OpenAI: azureai
  • AWS Bedrock: bedrock
  • Cohere: cohere
  • Google Gemini: gemini
  • Kong AI Gateway: kong
  • OpenAI: openai

Note: Streaming responses are not currently supported.

Install the CrowdStrike Falcon AIDR Response plugin

The CrowdStrike Falcon AIDR Response plugin is built from source using the luarocks utility bundled with Kong Gateway. It depends on the kong-plugin-crowdstrike-aidr-shared library, which is included in the same repository.

Prerequisites

Before installing the plugin, ensure you have the following:

Register a Kong Collector in AIDR

Register a collector in the AIDR console to obtain the API key and base URL required to configure the plugin.

  1. In the AIDR console, go to the Collectors page.
  2. Click Collector.
  3. Choose Gateway as the collector type, select Kong, and click Next.
  4. Configure the collector:
    • Collector Name: Enter a descriptive name to appear in dashboards and reports.
    • Logging: Select whether to log full prompt and response content, or metadata only.
    • Policy (optional): Assign a policy to apply detection rules to traffic. You can select an existing policy, create one on the Policies page, or select No Policy, Log Only to record activity without applying detection rules.
  5. Click Save to complete registration.

After saving, open the Config tab on the collector details page and copy your API key and AIDR base URL. You’ll need these when enabling the plugin.

Installation steps

The following installation steps install and build the crowdstrike-aidr-response plugin and the crowdstrike-aidr-shared library.

Note: If you want to set up the CrowdStrike Falcon AIDR Request plugin at the same time, you can add crowdstrike-aidr-request to your installation and builds, alongside the other two packages.

Enable the plugin

After installing the plugin, enable the CrowdStrike Falcon AIDR Response plugin.

If you’re routing LLM traffic through AI Gateway, set up AI Gateway first by creating a Service, a Route, and enabling the AI Proxy plugin. Then set upstream_llm.provider to kong and upstream_llm.api_uri to the AI Proxy route path.

Test the plugin

After enabling the plugin, verify it’s redacting sensitive data from LLM responses as expected.

Send a prompt asking the LLM to include a social security number in its response:

curl -s -X POST http://localhost:8000/your-route \
  -H "Content-Type: application/json" \
  -d '{"messages": [{"role": "user", "content": "Return a sample social security number in your response."}]}'

If the plugin is working correctly and your AIDR policy includes a PII Output Rule, any SSN in the LLM response is redacted before it reaches the client. The response should look something like this:

{
  "choices": [
    {
      "message": {
        "content": "Here it is: *******7890. Let me know if you would like me to draft a loan application! 🚀 ",
        "role": "assistant"
      }
    }
  ],
  "object": "chat.completion"
}

The event also appears in the AIDR console under your collector.
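
An added example, not part of the Kong or CrowdStrike documentation: a small checker that automates the test above by parsing the gateway's chat.completion body and flagging any SSN-shaped text that survived redaction. The function names, regexes and sample bodies are constructed for illustration, and it assumes the response uses the choices[].message.content shape shown above.

```python
import json
import re

# Unmasked US SSN shapes: 123-45-6789, 123 45 6789, or nine bare digits.
SSN_RE = re.compile(r"(?<![\d*])\d{3}[- ]?\d{2}[- ]?\d{4}(?!\d)")
# Masked span in the style of the sample response above: asterisks, then any kept digits.
MASK_RE = re.compile(r"\*{3,}[\d-]*")

# Constructed test bodies in the chat.completion shape shown above.
REDACTED_BODY = json.dumps({"object": "chat.completion", "choices": [
    {"message": {"role": "assistant", "content": "Here it is: *******7890."}}]})
LEAKY_BODY = json.dumps({"object": "chat.completion", "choices": [
    {"message": {"role": "assistant", "content": "Sample SSN: 123-45-6789."}}]})


def assistant_texts(body):
    """Return every choices[].message.content string; [] if the body is not such JSON."""
    try:
        doc = json.loads(body)
    except json.JSONDecodeError:
        return []
    if not isinstance(doc, dict):
        return []
    choices = doc.get("choices")
    texts = []
    for choice in choices if isinstance(choices, list) else []:
        message = choice.get("message") if isinstance(choice, dict) else None
        content = message.get("content") if isinstance(message, dict) else None
        if isinstance(content, str):
            texts.append(content)
    return texts


def check_redaction(body):
    """Return (verdict, leaked) where verdict is leak, redacted, clean or no_content."""
    texts = assistant_texts(body)
    if not texts:
        return "no_content", []  # nothing to judge; inspect the raw body by hand
    leaked = [m.group(0) for t in texts for m in SSN_RE.finditer(t)]
    if leaked:
        return "leak", leaked
    masked = any(MASK_RE.search(t) for t in texts)
    return ("redacted" if masked else "clean"), []


if __name__ == "__main__":
    for name, body in (("redacted", REDACTED_BODY), ("leaky", LEAKY_BODY)):
        print(name, check_redaction(body))
```

A `clean` verdict means the model returned no SSN-shaped text at all, so that run neither confirms nor refutes redaction; repeat the prompt until the verdict is `redacted` or `leak`.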

View collector data in AIDR

After deploying the plugin, you can view collected event data in the CrowdStrike Falcon AIDR console:

  • Findings page: Review individual events, detections, and actions taken.
  • Visibility page: Explore relationships between logged data attributes and view metrics in AIDR dashboards.
  • Next-gen SIEM: Analyze event data for broader threat investigation and response workflows.
