● Interactive demo available — explore the full governance portal View demo →
The unified AI governance platform · Gateway + Audit connectors + Shadow AI

Your workforce deserves
better AI tools.
IT deserves peace of mind.

One platform for every AI surface in your org. Govern Claude, GPT, Gemini, and custom apps via our API gateway. Ingest Microsoft Copilot, GitHub Copilot, and Google Workspace AI via audit connectors. Catch shadow ChatGPT and Claude.ai with our managed browser extension. One pane. One audit chain. One compliance story.

Microsoft 365 Copilot GitHub Copilot Google Workspace AI Shadow AI on ChatGPT · Claude.ai · Gemini Custom AI apps via gateway
67%
Enterprises breached by shadow AI
50min
Saved per AI user per day
26%
CIOs cite security as #1 AI blocker
2 vars
Env variables to deploy fully
What we cover
Every AI tool. One governance layer.

Most AI governance tools only cover what you build. We cover what you build, what your vendors built, and what your employees use on the side.

Lane 1 · API Gateway
Custom AI apps
Real-time interception of every API call. Set 2 env vars in your app. Works with Anthropic, OpenAI, Google, Bedrock, Azure OpenAI, Ollama. Full prompt + response visibility. Inline DLP, AUP enforcement, sub-50ms overhead.
Claude GPT-4o Gemini Bedrock Azure Ollama
Lane 2 · Audit Connectors
SaaS-embedded AI
For AI features your vendors built into their tools. We pull audit logs directly from each vendor on a 5-minute cadence, normalize the events, sign them, and unify them with your gateway audit chain.
M365 Copilot GitHub Copilot Workspace AI Salesforce Q3 Slack Q3
Lane 3 · Browser Extension
Shadow AI
For employees using ChatGPT and Claude.ai on personal accounts. Push the managed extension via Group Policy or Intune. Pre-flight DLP scan blocks SSNs and API keys before they leave your network. Every interaction logged.
ChatGPT Claude.ai Gemini Perplexity DeepSeek Mistral
All three lanes feed one D1 audit chain · one DLP scanner · one compliance report.
The problem
Your team is already using AI.
You just can’t see it.
Shadow AI everywhere
47% of employees use personal AI accounts for work. 67% of enterprises have already suffered a breach from unmonitored AI use. Your policy says no. Your team says yes anyway.
Stuck with the wrong tools
Your org defaults to Copilot because it’s bundled. Claude Sonnet 4.6 and GPT-4o fundamentally change what your best people can do. Your team deserves the tools that matter, not the ones easiest to procure.
No audit trail, no compliance
EU AI Act enforcement begins August 2026. HIPAA violations from AI use are already happening. Without an immutable audit trail, you cannot investigate, remediate, or prove compliance to anyone.
Prompt injection and agent hijacking
OWASP 2026 ranks goal hijacking #1. An agent reads a vendor email with an embedded malicious instruction, executes it, and exfiltrates 60,000 records. Your firewall logs show nothing unusual.
The membrAIn fix — two environment variables
# Before: direct to provider (ungoverned)
ANTHROPIC_API_KEY=sk-ant-...

# After: governed gateway (zero code change)
ANTHROPIC_BASE_URL=https://gateway.getmembrain.ai/c/acct
MEMBRAIN_KEY=mbr_live_citadel_your_key
✓  FIPS AES-256-GCM active · Ed25519 lineage signed
✓  DLP scanning before LLM sees payload
✓  Real-time threat detection · audit log streaming
✓  Portal dashboard live on first call
Every OS. Every platform. Zero install.
Windows · macOS · Linux · iOS · Android · Docker · CI/CD · Serverless. If it makes an HTTPS request, membrAIn governs it. No agent. No MDM. No IT ticket.
How it works
Three layers. One URL.
Complete protection.
01 / UNLOCK
Every AI tool that actually matters
Claude Sonnet 4.6. GPT-4o. Gemini 2.0. AWS Bedrock. Every provider through one governed gateway. IT and legal say yes — because the controls are real. Your team stops shadow AI because the real tools are finally approved.
Zero code changes
02 / PROTECT
Detect and contain threats before they execute
DLP scans every payload before the LLM sees it. Prompt injection detection. Goal hijacking patterns. Behavioral baseline anomaly scoring. When a threat fires, the agent is auto-quarantined and a signed incident report generated — before a human touches a keyboard.
8 OWASP threat categories
03 / PROVE
Compliance documentation that writes itself
Every AI interaction logged, FIPS encrypted, Ed25519 signed, and hash-chained. EU AI Act Article 11 docs auto-generated. HIPAA audit controls. SOC 2 evidence package. GDPR Article 30 record. Built automatically from gateway telemetry — no manual assembly.
EU AI Act · HIPAA · SOC 2 · GDPR
Full platform
Everything built to deliver
the complete solution.

Twelve components. All production-engineered. The gateway ships first and delivers the core value. Everything else layers on.

Cloud API Gateway
Core · Ships first
Go/Rust reverse proxy on Cloudflare Workers. OpenAI-compatible API surface. mTLS per enrolled agent. AES-256-GCM + Ed25519 lineage inline. Multi-region auto-failover. Sub-50ms overhead. Health check + real-time telemetry. The entire product in one URL.
Go / RustCloudflare Workersaws-lc-rs FIPSmTLS
DLP Scanning Engine
Core · Ships first
Inline payload scan before AES encryption and before the LLM sees the content. 40+ pattern types: SSN, PHI, credit card PANs, API keys, credentials, source code. ML classifier for secrets. Block | Redact | Warn dispatch in <5ms. Violation logged without storing content.
Regex + MLHIPAA patterns<5ms overhead
Key Management System
Core · Ships first
ECDH P-384 key delivery (Citadel tier). Per-channel key derivation with 38/38 stress tests passed. Rotation cascade: one API call rotates entire fleet. Ed25519 per-agent signing keypair provisioned at enrollment. Shamir 5-of-3 threshold for Cosmos tier.
ECDH P-384Ed25519Shamir
Threat Detection Engine
Core · Ships first
Prompt injection pattern library. Goal hijacking and indirect injection detection. Behavioral fingerprint baseline per agent. Excessive agency scope validator. Data exfiltration anomaly scoring. Agent impersonation via Ed25519 verification. Auto-quarantine on HIGH severity in <30 seconds.
OWASP Top 10Behavioral MLAuto-quarantine
Audit Log Pipeline
Core · Ships first
In-process buffer → async flush → Ed25519 signed NDJSON → S3 / SIEM. Every interaction logged: agent ID, model version, token counts, trust score, DLP result, lineage hash. Immutable hash-chained. Queryable from portal. SIEM export to Splunk, PagerDuty, custom webhook.
NDJSONS3 / SIEMHash-chained
Incident Response Automation
Q2 2026
Auto-quarantine on threat detection. Signed PDF incident report in <30 seconds. PagerDuty + Slack webhooks. 4 default playbooks: injection, exfiltration, DLP, budget exceeded. Admin releases agent via portal — logged action. Mean time to contain target: <60 seconds end-to-end.
PagerDutySlackSigned PDF
Cost Attribution + Budget Controls
Q2 2026
Token spend by team, agent, and project in real time. Configurable budget limits with three enforcement tiers: soft alert at 80% (email + Slack), hard alert at 95% (PagerDuty), hard stop at 100% (gateway returns 429, all calls blocked). Finance and IT both get what they need.
Real-time attributionHard budget stopsPer-agent granularity
Compliance Report Generator
Q2 2026
Queries audit log → auto-generates structured compliance documentation. EU AI Act Article 11 technical documentation. HIPAA §164.312 audit controls. SOC 2 CC6.1 evidence package. GDPR Article 30 record of processing. Export PDF or structured JSON. No manual assembly required.
EU AI ActHIPAASOC 2GDPR
Model Governance + AUP Enforcement
Q2 2026
Model version pinning per agent. Change notifications when providers update underlying weights. Approval workflow before updates go live. Acceptable Use Policy acknowledgment — gateway holds first call until employee acknowledges. Every acknowledgment logged to immutable audit chain.
Version pinningAUP enforcementApproval workflow
DoH Resolver — Layer 2
Q2 2026
DNS-over-HTTPS profile extends gateway coverage to browser sessions and shadow AI. Intercepts AI provider domains (api.anthropic.com, api.openai.com, 30+ more). MDM push for managed devices. Android: Private DNS setting. iOS: MDM profile. Chrome: Group Policy. Zero user action on managed devices.
DoHMDM / Intune / JamfiOS · Android · Chrome
Integration Wrappers
Q3 2026
@membrain/langchain — one-line drop-in around any LangChain LLM. CrewAI agent-to-agent interception. MCP server wrapper for tool call governance. LangGraph, AutoGen, custom agent support. Most frameworks require only the gateway URL change — no wrapper needed at all.
LangChainCrewAIMCPAutoGen
npx membrain verify CLI
Q3 2026
One command confirms the integration is working: encrypted message sent, trust score returned, lineage chain verified, dashboard shows agent live. The “you’re done” moment. Removes all uncertainty from the first-time onboarding experience. Target: under 10 seconds from zero to green.
Node.js CLInpx zero-installDashboard auto-open
Competitive comparison
The only platform with FIPS encryption
and cryptographic lineage.

Every competitor secures the channel or monitors traffic. None deliver application-layer FIPS encryption with an unforgeable cryptographic lineage chain. That is the moat.

Capability membrAIn TrueFoundry Prompt Security WitnessAI SlashLLM Bifrost Akamai AI Firewall
FIPS 140-3 AES-256-GCM✓ Application layer
Cryptographic lineage chain✓ Ed25519 signed
Zero endpoint install✓ 2 env vars~ Library~ API config~ Agent~ Container~ Self-host~ Proxy
iOS & Android support✓ All platforms~ Web only~ Edge
DLP / PII scanning (pre-LLM)✓ 40+ patterns inline~ Limited
Prompt injection detection✓ 8 OWASP cats~ Basic
Auto-quarantine + signed report✓ <30s PDF~ Alerts only~ Alerts only~ Alerts only~ Alerts only
Cost attribution + hard stops✓ Hard budget stops
Acceptable use enforcement✓ Gateway-enforced
Model version pinning✓ Per-agent approval~ Routing only~ Routing
Compliance docs auto-generated✓ EU AI Act + HIPAA~ Manual~ Manual
Multi-provider routing✓ One URL all~ Limited✓ 20+~ API
Starting price / model$149/agent/moEnterprise quoteEnterprise quoteEnterprise quoteEnterprise quoteFree OSSEnterprise quote
Works with everything you already use
Anthropic ClaudeOpenAI GPT-4oGoogle GeminiAWS BedrockAzure OpenAILangChainCrewAIAutoGenLangGraphClaude CodeSlack AIMicrosoft CopilotSalesforce EinsteinSplunkPagerDutyOllama
Pricing
Transparent pricing.
Pays for itself on day one.
Fortress
$149
per agent · per month · min 10 agents · annual
AES-256-GCM gateway encryption
DLP scanning (40+ patterns)
Prompt injection detection
Immutable audit log pipeline
Multi-provider routing
Governance portal dashboard
Most popular
Citadel
$249
per agent · per month · min 10 agents · annual
Everything in Fortress
ECDH P-384 forward secrecy
Behavioral baseline + anomaly detection
Auto-quarantine + signed incident reports
Cost attribution + hard budget stops
EU AI Act / HIPAA compliance docs
Model version pinning + AUP enforcement
Dedicated support channel
Cosmos
$349
per agent · per month · min 10 agents · annual
Everything in Citadel
Shamir 5-of-3 threshold key custody
Signed lineage attestation
SIEM integration (Splunk, Sentinel)
Air-gapped deployment option
99.99% uptime SLA
Dedicated account team

PLATFORM 100–1,000 SEATS: $150K–$500K/YR  ·  ENTERPRISE OEM 1,000+ SEATS: $500K–$2M + ROYALTIES

Transparent per-agent billing
You see exactly what you pay for in the portal. Active agent count, monthly cost, per-agent breakdown, downloadable invoices. Suspend an agent — it drops off your bill. No hidden fees, no minimum commitments beyond annual.
Stop saying no. Start governing.

Give your workforce
AI tools worth using.

15-minute live demo. We connect Claude or GPT-4o through the membrAIn gateway, show real-time DLP scanning, threat detection, and your governance dashboard lighting up on the first call. Your team gets the best AI. Your security team finally says yes.

View platform brief → Download as PDF