The only OpenAI-compatible proxy with DLP, SSO, SIEM, and Hybrid VPC in a single platform. Redact PII, block prompt injections, enforce spend limits, and smart-route to the cheapest provider—with enterprise SSO and SIEM connectors built in. And with the new MCP Gateway, the same DLP and injection defense now guards your agents’ tool calls.
Native SDK (pip install aisg) or OpenAI SDK compatible · No credit card required · 600+ models
Not sure if your prompts leak data? Test for free →
What your LLM provider actually receives
Without AISG
With AISG
Names, emails, SSNs, and company details redacted. Business context passes through untouched.
Instantly see what PII your prompts leak, what each call costs, which provider is cheapest—with just 2 lines of code.
Works with every major provider
Paste any AI prompt below. Our scanner detects 30+ sensitive data types instantly.
Your app sends user data to GPT, Claude, or any LLM
You don’t know what developers are putting into prompts
You need to enforce PII, PCI, or HIPAA compliance on AI calls
You want cost control across multiple AI providers
Your prompts can’t leave your network — data sovereignty, HIPAA, or regulatory mandates
You run autonomous agents that could get stuck in infinite retry loops
Your agents call tools over MCP and need policy on every tool call and result
You need real-time alerts when PII leaks, injections, or budget breaches happen
Your SOC needs AI security events in Splunk, Datadog, or Sentinel
You need centralized SSO — Okta, Azure AD, or Google Workspace — for AI governance
You need EU AI Act Article 12 compliance logging before August 2026
You’re paying for identical LLM prompts that could be served from cache
You need project-level versioned DLP Policies & custom regex IP protection
Use the aisg SDK for typed metadata, or keep the OpenAI SDK — switching takes 30 seconds either way.
const openai = new OpenAI({
apiKey: 'OPENAI_KEY'
});const openai = new OpenAI({
apiKey: 'os_hub_live_abc123',
baseURL: 'https://api.aisecuritygateway.ai/v1'
});~50ms
PII scan latency
30+
PII entity types
600+
Models, 8 providers
The Request Journey
Your App
Sends the request
DLP / AI Firewall
Scans & redacts PII
Smart Router / Budget
Cheapest provider & spend cap
Provider Routing
BYOK / Managed / Failover
AI Provider
Only sees clean, governed data
Why AI Security Gateway
Cloudflare AI Gateway does caching — zero DLP. Portkey does routing — no PII scanning. Neither offers SSO, SIEM connectors, or on-prem deployment. AISG does it all in a single stateless hop.
| Capability | Cloudflare AI Gateway | Portkey AI Gateway | Helicone Observability | AISG Governance |
|---|---|---|---|---|
| PII redaction (30+ entities) | — | 3rd-party | — | |
| Vision / image OCR scanning | — | — | — | |
| Prompt injection blocking | — | 3rd-party | Partial | |
| Hard budget enforcement (402) | — | Partial | — | |
| Per-project DLP policies | — | — | — | |
| Custom regex IP protection | — | Partial | — | |
| Managed credits / wallet | — | — | — | |
| Smart cost routing | — | — | ||
| BYOK at 0% markup | — | |||
| Multi-provider failover | — | |||
| Recursive loop protection | — | — | — | |
| Webhook security alerts | — | Partial | ||
| Hybrid VPC (on-prem proxy) | — | — | — | |
| SAML SSO (Okta, Azure AD…) | — | — | — | |
| SIEM connectors (Splunk, DD) | — | — | — | |
| MCP Gateway (tool-call security) | — | — | — | Beta |
| EU AI Act compliance logging | — | — | — | |
| Semantic prompt caching | ||||
| Deep observability / tracing | — | Metadata | ||
| Open source | — |
Why this matters: Palo Alto Networks acquired Portkey in May 2026 to get the routing half of this equation. But Portkey has zero native DLP, no SSO, no SIEM, and no on-prem deployment. Cloudflare AI Gateway does caching but no PII scanning. Helicone does observability but no active intervention. AI Security Gateway (AISG) is the only proxy that does DLP + SSO + SIEM + Hybrid VPC + billing in a single platform.
No credit card required · Integrate in 2 minutes
The obvious question
Every team asks. Here’s why combining two tools doesn’t equal one governance layer.
Because that’s two systems, two failure points, and zero coordination between routing decisions and security policies. AISG runs DLP inside the proxy path — every request is scanned before it leaves your network, with per-project policies and budget enforcement, in a single API call. No sidecar. No second hop.
Portkey routes requests but has zero native DLP. Palo Alto acquired them for $356M and still doesn’t have inline PII redaction. Bolting DLP onto a routing proxy after the fact means prompts hit an external scanner, adding latency and a second trust boundary. AISG scans and routes in the same stateless hop.
You absolutely can — our open-source version is Apache 2.0. But most teams underestimate the scope: entity detection across 30+ PII types, prompt injection heuristics, per-project versioned policies, budget enforcement with HTTP 402, multi-provider failover, and keeping pricing data current. That’s 6–12 months of engineering. AISG gives you all of it in two lines of code.
Because "separately" means three vendors, three auth boundaries, and security events that can’t correlate with governance actions. AISG ships SAML SSO (Okta, Azure AD, Google Workspace), SIEM connectors (Splunk, Datadog, Sentinel), and Hybrid VPC deployment as first-class features — all managed from the same dashboard, with the same API keys, and the same DLP policies. One platform, one audit trail.
The one-liner: “The only OpenAI-compatible proxy with DLP, SSO, SIEM, Hybrid VPC, and per-project governance — all in one platform.”
No credit card required · Integrate in 2 minutes
Names, SSNs, credit cards, emails, API keys — scanned and redacted on every request, including images via OCR.
Define versioned data-loss-prevention policies per project. Different teams, different rules — all enforced automatically at the proxy layer.
Write your own regex rules to catch proprietary terms, internal project names, or domain-specific data that standard PII detectors miss.
Heuristic jailbreak detection that blocks malicious prompts before they reach any provider.
Per-key spend caps that return HTTP 402 when exceeded. No runaway agents, no surprise bills.
Detects and kills agent retry loops automatically. Fingerprint-based detection blocks repetitive request patterns before they drain your budget.
Identical DLP-cleaned prompts are served from cache — zero LLM cost, sub-millisecond latency. Shared across all proxy instances via a low-latency distributed cache.
Automatically routes each request to the cheapest available provider across your configured models.
Real-time HMAC-signed alerts to your Slack, PagerDuty, or SIEM when PII is blocked, budgets are hit, or loops are detected.
Run a compiled Go proxy inside your network. Prompts never leave your VPC — DLP, budget enforcement, and loop detection run locally. Cloud dashboard manages policies.
Enterprise single sign-on with Okta, Azure AD, Google Workspace. Per-org configuration, auto-provisioning, and enforced SSO policies.
Stream security events to Splunk HEC, Datadog Logs, or Microsoft Sentinel in real time. Org-level config with encrypted credentials.
Secure your agents' tool plane: scan MCP tools for poisoning, redact PII in tool arguments and results, and allow/deny tools — in the cloud or inside your VPC.
Tamper-evident, hash-chained audit records on every request. Export as JSONL. Ready for Article 12 enforcement (August 2026).
Bring your own API keys. Pay providers directly with zero AISG markup on Pro. Full governance still applies.
Self-host the entire stack in your own cloud. Apache 2.0 licensed. No vendor lock-in.
No credit card required · Integrate in 2 minutes
Your prompts are governed in transit and never retained. We don’t store what you send, and we never train on your data.
Prompts pass through and are never written to disk or logged. Only metadata (cost, latency, entity counts) and SHA-256 fingerprints (for EU AI Act compliance) are recorded — never content.
Your requests are yours. We do not use prompt content for model training, analytics, or any secondary purpose.
BYOK API keys are encrypted at rest with authenticated encryption. Keys are decrypted only at request time in memory.
Deploy a compiled Go proxy inside your network. Prompts never leave your VPC. DLP runs locally — only metadata reaches the cloud dashboard.
SAML single sign-on with any IdP (Okta, Azure AD, Google Workspace). Security events stream to your SIEM — Splunk, Datadog, or Microsoft Sentinel — so your SOC sees every PII block and injection attempt in real time.
Deploy the full open-source stack on your own infrastructure. Apache 2.0 licensed. No phone-home, no telemetry.
Four plans — from free credits to on-prem Hybrid VPC. Full governance across 600+ models.
Every plan includes the full AI Firewall (30+ PII types) · agent loop detection & auto-kill · hard budget caps per project · EU AI Act audit logs · webhook alerts
For prototypes & teams who want zero provider setup
For solo devs & single projects
For teams and production
For regulated industries & data-sovereign teams
Full pricing details, media generation tiers, and plan comparison →
FAQ
It’s a security layer that sits between your app and AI companies like OpenAI, Groq, or Mistral. When your app sends a message to AI, AISG checks it first — removes any sensitive data (like emails, passwords, or credit card numbers), selects the most cost-efficient available provider, and then forwards the cleaned message. Think of it as a security guard and cost-optimization engine combined.
No. We only log metadata (like "1 email address was blocked") — we never store the actual content of your messages or the AI’s responses. Your data passes through our security layer and is forwarded to the AI provider. Nothing is saved on our servers.
If your app uses the OpenAI SDK (the most popular AI library), you only need to change two lines: the API key and the base URL. Everything else — your models, your prompts, your response handling — stays exactly the same.
BYOK stands for "Bring Your Own Key." It means you already have an account (and API key) with a provider like OpenAI, Google Gemini, xAI, Groq, or Together.ai. On the Pro plan, you save those keys in AISG, and we use them to make AI calls on your behalf — so you pay the provider directly at their regular price with zero markup. BYOK also unlocks premium models like GPT-4o and Gemini Pro.
That’s perfectly fine! The "Managed Credits" plan is designed exactly for this. Add credits to your AISG wallet (10M Credits / $10 minimum), and we handle everything — we use our own provider accounts to process your requests.
No. Every request is protected from your very first API call. AISG applies a "Maximum Protection" default policy that scans for all 30 entity types (emails, credit cards, SSNs, API keys, prompt injection attacks, and more) and redacts any matches before the AI model sees them.
The security check adds less than 50 milliseconds for text — that’s faster than a blink. For images, it takes about 0.5–1 second depending on image size. Every response includes timing headers so you can verify this yourself.
Yes. Pro subscriptions are managed through Stripe — cancel with one click anytime. Wallet balances never expire, so any prepaid credits stay in your account.
Yes. LangChain, LangGraph, CrewAI, AutoGen, Semantic Kernel, and virtually all production agent frameworks use /v1/chat/completions with tool/function calling — the exact endpoint AISG proxies. Every agent message gets DLP-scanned, every tool call is monitored, and recursive loop detection catches runaway agents automatically. Anthropic Claude, Google Gemini, Mistral, and Groq are all stateless — no Threads API equivalent exists. The one endpoint AISG intentionally does not proxy is the OpenAI Assistants API (/v1/threads), which stores conversations on OpenAI’s servers, placing your data outside your security boundary. For stateful agentic workflows, manage the messages[] array in your own code and pair with a Hybrid VPC deployment so prompts never leave your network.
More questions? Check our full documentation for in-depth guides on AISG Credits, providers, DLP policies, and more.
No credit card required · Integrate in 2 minutes
New models, security features, and cost-saving updates. No spam.