Skip to main content
The Secure AI Gateway acts as a protective layer between your users and public AI services. It automatically applies several security measures to every request and response.

🛡️ Secret Detection

The gateway scans all outgoing messages for sensitive credentials. If a secret is detected, the request is blocked before it ever reaches the AI provider. Detected Secrets include:
  • API Keys (OpenAI, AWS, GitHub, etc.)
  • Private Keys (RSA, SSH, etc.)
  • Database connection strings
  • Bearer Tokens

🔒 PII Detection & Masking

Personal Identifiable Information (PII) is automatically detected. Depending on your configuration via the pii parameter, you can choose:
  • disabled: No security scanning. Recommended for internal testing.
  • obfuscate: Redacts sensitive data (e.g., [REDACTED_EMAIL]) but lets the conversation continue.
  • block: Completely rejects the request if sensitive data is found.
Supported PII types:
  • Email addresses
  • Phone numbers
  • Credit card numbers
  • IP addresses
  • Social Security Numbers (SSN)

🧱 AI Firewall Rules

The gateway enforces organizational policies through a set of firewall rules. These rules can:
  • Prevent the model from discussing certain topics.
  • Enforce specific personas or safety guidelines.
  • Restrict usage based on time or volume.

🕵️ Audit Logs

All requests made through the API are logged for auditing purposes. Logs include:
  • User ID / API Key ID
  • Model used
  • Timestamp
  • Security check results (e.g., “Blocked by Secret Detection”)