Whitelist/Blacklist Policy
Governance rule defining allowed (whitelist) and disallowed (blacklist) inputs, features, or operations to enforce compliance and prevent misuse.
A policy-as-code mechanism where authorized input values, API calls, model operations, or external endpoints are specified in a whitelist, and prohibited items (e.g., PII fields, disallowed functions) are enumerated in a blacklist. During runtime or pipeline execution, policy checks block any unapproved actions. Governance processes maintain and review these lists regularly to adapt to evolving risks and requirements.
A data-ingestion pipeline applies a whitelist/blacklist policy: only CSV files from specified source systems (whitelist) are accepted, and any records containing Social Security numbers (blacklist pattern) are rejected and alerted to compliance. This prevents unauthorized or sensitive data from entering the AI pipeline.
We help you find answers
What problem does Enzai solve?
Enzai provides enterprise-grade infrastructure to manage AI risk and compliance. It creates a centralized system of record where AI systems, models, datasets, and governance decisions are documented, assessed, and auditable.
Who is Enzai built for?
How is Enzai different from other governance tools?
Can we start if we have no existing AI governance process?
Does AI governance slow down innovation?
How does Enzai stay aligned with evolving AI regulations?
Research, insights, and updates
Empower your organization to adopt, govern, and monitor AI with enterprise-grade confidence. Built for regulated organizations operating at scale.