Question 1

Is Cursor HIPAA compliant?

Accepted Answer

Cursor itself does not offer a Business Associate Agreement (BAA) and is not HIPAA compliant out of the box. However, BastionGate sits between Cursor and any AI provider, detecting and redacting PHI — patient names, DOBs, MRNs, diagnosis codes — before any request leaves your network. This allows healthcare organizations to deploy Cursor and other AI coding tools while maintaining HIPAA compliance at the network layer.

Question 2

How do I prevent developers from sending patient data to ChatGPT or Claude?

Accepted Answer

BastionGate acts as a transparent HTTPS proxy. Configuring a single endpoint in your AI tool routes all AI traffic through BastionGate's inspection layer, which detects and blocks PHI, PII, and other sensitive data in real time — before it reaches OpenAI, Anthropic, or any other provider. Developers don't change how they work; the protection is invisible to them.

Question 3

How do I make GitHub Copilot or Claude Code HIPAA compliant?

Accepted Answer

Point your AI tools at BastionGate's endpoint instead of the provider's. BastionGate intercepts every request from GitHub Copilot, Claude Code, Cursor, and other IDE AI tools, scans for PHI and sensitive data, and either redacts or blocks the request based on your policy. This provides a proxy-level HIPAA control without modifying developer workflows or requiring SDK integration.

Question 4

What sensitive data does BastionGate detect?

Accepted Answer

BastionGate detects a broad range of sensitive data categories including: PII (names, emails, SSNs, phone numbers, addresses), PHI (patient records, MRNs, diagnosis codes, DOBs), financial data (credit card numbers, bank account numbers, trading data), API keys and credentials (AWS keys, OpenAI keys, GitHub tokens), source code and proprietary algorithms, and custom patterns defined by your security team.

Question 5

Does BastionGate require code changes or SDK integration?

Accepted Answer

No. BastionGate is deployed by pointing your AI tools at a single endpoint — no SDK to install, no agent to deploy, no changes to application code or developer workflows. You update the base URL in your tool's settings (e.g. Cursor, VS Code, Claude Code) and every request is automatically inspected. If a tool speaks HTTP to an AI provider, it is covered.

Question 6

How is BastionGate different from Cloudflare AI Gateway?

Accepted Answer

Cloudflare AI Gateway is primarily an observability and routing tool for AI applications. BastionGate is purpose-built for enterprise security and compliance. Key differences: BastionGate has an OPA-backed policy engine with per-tenant and per-project controls; it intercepts IDE AI tools like Cursor and Claude Code transparently; it is designed for regulated industries (HIPAA, SOC 2, FINRA); and it provides developer-friendly block messages with actionable remediation tips rather than silent failures.

Question 7

How is BastionGate different from Nightfall or Lakera?

Accepted Answer

Nightfall and Lakera both require SDK integration — developers must instrument their code to route requests through these services. BastionGate requires no code changes and works as a transparent HTTPS proxy, covering all AI tools automatically including IDE assistants by changing one base URL setting. BastionGate also provides an OPA-backed policy engine with version-controlled, per-tenant policies, whereas these tools use simpler rule configurations.

Question 8

Does BastionGate work with AWS Bedrock and Azure OpenAI?

Accepted Answer

Yes. BastionGate works with all major AI providers including OpenAI, Anthropic, Google Gemini, Azure OpenAI, AWS Bedrock, Mistral, xAI Grok, Meta Llama, and any OpenAI-compatible endpoint. Enterprise deployments using Azure OpenAI for data residency requirements are fully supported.

Question 9

How does BastionGate help with SEC or FINRA compliance for AI tools?

Accepted Answer

Financial services firms using AI coding assistants risk exposing trading algorithms, client financial data, and proprietary models. BastionGate provides: real-time blocking of financial data patterns, an immutable audit log of every AI request for examination readiness, per-team policy enforcement to separate trading desks from other teams, and full request history for e-discovery and regulatory review.

Question 10

What does a developer see when a request is blocked?

Accepted Answer

Instead of a silent failure or cryptic error, BastionGate returns a developer-friendly JSON response that explains exactly what was detected (e.g. 'API key and email address found in this request'), confirms that nothing was sent to the upstream provider, and includes a remediation tip (e.g. 'Move secrets to environment variables'). This reduces friction and helps developers fix the issue immediately.

Feature	BastionGateus	Lakera Guard
Zero code changes Point one endpoint at the gateway. No SDK, no agent, no developer instrumentation.	Change one base URL. Done.	Requires Lakera Guard SDK in every application.
Covers IDE AI tools Cursor, Claude Code, GitHub Copilot, Windsurf — the highest-risk AI surface in most enterprises.	Transparent HTTPS proxy intercepts all IDE traffic.	SDK-based; cannot intercept IDE AI assistants.
Real-time inline blocking Requests are stopped before they reach the upstream AI provider.	Block, redact, or flag enforced at the gateway.	Lakera Guard can block at the API layer.
OPA-backed policy engine Version-controlled, per-tenant, per-project Rego policies.	Open Policy Agent with Git-versioned bundles.	Rule-based configuration without a policy engine.
Per-tenant / per-project policies Different enforcement rules per team, environment, or project.	Full tenant isolation with per-project scoping.	Single policy configuration per deployment.
Developer-friendly block messages Blocked requests return a clear reason + tip. No silent failures.	Explains what was found, confirms nothing was sent.	No structured developer feedback on blocks.
Shadow AI inventory Every AI tool and provider used by your team tracked automatically.	All traffic through the gateway is attributed.	No shadow AI discovery capability.
Prompt injection defense Detects prompt injection attacks in AI inputs.	Entropy + pattern detection; roadmap item.	Lakera's primary use case and strongest feature.
HIPAA & SOC 2 ready Purpose-built for regulated industries.	HIPAA compliant. SOC 2 Type II in progress.	Enterprise tier; healthcare focus limited.
Full audit log Every request logged, searchable, and exportable.	Immutable log with CSV/JSON export.	Logging available; export options limited.

Looking for a Lakera Guard alternative?

Zero code changes

IDE AI coverage

Enterprise governance

Feature comparison

Why teams switch

No SDK — transparent proxy deployment

IDE AI tools are invisible to Lakera

Enterprise governance, not just protection

Multi-tenant architecture from day one

When Lakera might still be right

See BastionGate in 30 minutes