PII obfuscation before sending to the model
Names, phones, addresses and card numbers are replaced with stable tokens before sending; the model and its logs never get real customer data, removing GDPR fine risk
AI tools
Companies connect dozens of LLMs but lose control over cost, reliability and personal data leaking into external models.
Personal-data protection is a two-way loop, not an output filter: obfuscation swaps personal data for tokens before the model, and the response is de-obfuscated — the provider sees only anonymized data
Our clients
Industry solutions
Capabilities
Names, phones, addresses and card numbers are replaced with stable tokens before sending; the model and its logs never get real customer data, removing GDPR fine risk
Tokens in the model's response are restored to original values via a session map — the user sees real data that never left the perimeter
Cheap requests go to light models, complex ones to frontier; costs drop 45-85% with no noticeable quality loss
Token limits per key, team and project stop overspend before the provider bill — an end to surprises of 40% over forecast
If one model fails or slows down, traffic shifts automatically to a backup — the AI service does not go down with the provider
Every request is logged with model, tokens, latency and cost via OpenTelemetry — you see who spends how much and where quality degrades
Repeated requests are served from cache (40%+ hit rate in production) — lower bill and latency with no loss of answer quality
Provider keys are stored in the gateway; teams get virtual keys with instant revocation — secrets never leak into application code
Prompt injection detection and content filtering before and after the model reduce leak risk and toxic responses in production
Approach
We don't fork or patch the LLM & Security Gateway core. LLM & Security Gateway stays on the standard, upgradable version — we move business logic into separate microservices alongside it, so platform updates don't break your customizations.
Where a mature international solution exists, we use it instead of inventing our own protocol or platform. Before writing code, we study how the problem is already solved in the industry.
The solution is loosely coupled and documented: it can be handed over between teams and contractors without rewriting. You are not tied to us.
AI compatibility
A single OpenAI Chat Completions endpoint — apps switch to the gateway by changing the base URL, with no client code rewrite
OpenAI, Anthropic, Google, open-source and local models behind one interface; switching a model is a route config change, not a code change
Gateway telemetry lands next to application telemetry in Datadog, Grafana and Splunk without custom adapters
PII obfuscation works at the level of each call, so it protects both single-step requests and multi-step agent chains and RAG pipelines
The gateway and obfuscation map are deployed in the client's perimeter — PII and session mappings never leave the company boundary
Projects