Quiz Entry - updated: 2026.07.14
What's the difference between rule-based and model-based guardrails?
Rule-based guardrails use deterministic patterns (regex, entity lists, similarity thresholds); model-based guardrails use AI classifiers or an LLM-as-judge to evaluate content.
| Rule-based | Model-based |
|---|---|
| Pattern matching — regex for URLs, credit cards, SSNs (e.g. Microsoft Presidio) | AI classifiers — e.g. Llama Guard sorting inputs/outputs into safe/unsafe classes |
| Semantic comparison — block if too similar to known adversarial/leak examples | LLM-as-a-Judge — another model reviews responses against policy |
| Entity removal — mask personal data via defined entity patterns | Entity removal — learned, context-aware detection of PII |
Rule-based is fast and predictable but brittle; model-based is flexible and context-aware but adds latency. Both add token consumption and complicate response streaming, which must be budgeted for.
Tip: Use rule-based for the cheap, certain catches (regex a credit card) and model-based for the fuzzy, contextual ones (is this subtly a jailbreak?). Layer both.