| Data protection | |
|---|---|
| Encryption at rest | AES-256-GCM. Per-workspace keys. BYOK available on Enterprise. |
| Encryption in transit | TLS 1.3 only. HSTS + OCSP stapling. mTLS for self-hosted data plane. |
| Zero-retention mode | Prompts and completions never written to durable storage. Only aggregate metrics retained. |
| PII redaction | Built-in detectors for names, addresses, card numbers, SSNs, PHI. Redaction happens before models see the prompt. |
| Deletion SLA | Workspace data fully purged within 30 days of contract termination. Verifiable on request. |

| Identity & access | |
|---|---|
| SSO | SAML 2.0, OIDC. Supported: Okta, Azure AD, Google Workspace, JumpCloud, OneLogin, custom IdP. |
| Provisioning | SCIM 2.0. Just-in-time user creation, group-based role sync, automatic de-provisioning. |
| RBAC | Four built-in roles plus custom roles. Scoped per route, environment, and key. |
| API keys | Rotatable, scoped, and auditable. Short-lived (1h) session tokens for interactive auth. |

| Operational security | |
|---|---|
| Background checks | All employees. Production access limited to a named on-call rotation with hardware-key 2FA. |
| Penetration testing | Annual external pentest. Quarterly internal red team. Reports available under NDA. |
| Vulnerability management | Snyk + GitHub Advanced Security on every PR. CVSS ≥ 7.0 patched within 72h. |
| Incident response | 24/7 on-call. 15-min acknowledgement SLA on P1. Postmortems published to customers within 7 days. |

| Compliance & audit | |
|---|---|
| SOC 2 Type II | Current report from Prescient Assurance. Next audit window closes May 2026. |
| ISO 27001:2022 | Certified by Schellman, issued 2025-09. |
| GDPR & data residency | EU data can be kept in EU-only region. DPA template ships with every Team contract. |
| HIPAA | Business Associate Agreement available on Enterprise. PHI routed only through approved providers. |
| Audit logs | Immutable, cryptographically chained. Streamable to S3, Splunk, Datadog, or any SIEM. |