Bordair vs Vigil: Prompt Injection Detection for Production Applications

Vigil is an open-source prompt injection scanner that uses a combination of heuristics, vector similarity, and transformer-based classification. It is one of the earlier tools in this space and has a dedicated community. Here is how it stacks up against Bordair.

Architecture

Vigil runs as a self-hosted Python service. It uses YARA-like rules, a vector database for similarity matching, and a fine-tuned text classifier. You deploy and maintain the infrastructure yourself.

Bordair is a managed API with a three-stage pipeline: pattern matching, fast-accept gate, and DeBERTa v3 classification. No infrastructure to manage.

Detection coverage

Vigil focuses on text-based attacks with configurable sensitivity. It does a good job on common injection patterns but does not support multimodal inputs.

Bordair detects attacks across text, image, document, and audio channels. This is critical as more applications adopt multimodal inputs and attackers shift to non-text delivery methods.

Latency and scale

Vigil's latency depends on your deployment. Running all scanners can take 100-500ms depending on hardware. Bordair's managed infrastructure delivers consistent sub-50ms responses regardless of load.

Output scanning

Vigil focuses on input scanning. Bordair includes regex-based output scanning on paid plans, with configurable block, redact, warn, and log actions.

When to choose Vigil

• You want full control over the detection pipeline
• You prefer self-hosted, open-source infrastructure
• You only need text-based detection
• You want to customise detection rules at a deep level

When to choose Bordair

• You want a managed API with no infrastructure overhead
• You need multimodal detection
• You need consistent sub-50ms latency
• You want both input and output scanning

Try Bordair free and protect your LLM application in minutes.