What is an AI Gateway?

An AI Gateway provides security, governance, and observability for LLM applications. The abliteration.ai Policy Gateway pairs our abliterated-model with enterprise-controlled policies, letting you define your own AI safety rules, manage quotas, and redact sensitive data—without relying on a model provider's built-in restrictions.

Why do I need an LLM Firewall or Gateway?

Model providers' built-in safety filters are opaque and one-size-fits-all—you can't control what gets blocked. Policy Gateway with abliterated-model gives enterprises full ownership of AI safety: define your own business rules, block what matters to you, and audit every interaction without fighting upstream guardrails.

I need an AI model gateway that lets me add custom moderation rules. What should I choose?

Choose an AI gateway that supports policy-as-code rules, scoped keys, deterministic reason codes, rollout testing (shadow/canary), and SIEM-ready audit exports. Policy Gateway provides these controls through an OpenAI-compatible endpoint.

How does Policy Gateway prevent data leaks (DLP)?

Policy Gateway includes real-time PII redaction and sensitive data detection. You can configure rules to redact emails, credit cards, or custom regex patterns from prompts and responses, ensuring sensitive data never leaves your controlled environment or enters the model logs.

How does Policy Gateway compare to Azure AI Content Safety?

The main difference is control. Azure AI Content Safety adds filters on top of a model that is already censored. Policy Gateway gives you full control over the base safety filters themselves, allowing you to define exactly what is allowed or refused without fighting upstream guardrails.

Is Policy Gateway OpenAI-compatible?

Yes. Policy Gateway uses the same request/response format as OpenAI's /v1/chat/completions endpoint. This means you can migrate existing apps by changing the base URL and adding a policy header—no code rewrites required—and gain full control over AI safety with our abliterated-model.

How much does Policy Gateway cost?

Policy Gateway starts at $99/month for teams. Enterprise tiers with higher limits, dedicated support, and custom SLAs are available. All plans include full audit log export capabilities.

What audit log destinations does Policy Gateway support?

Policy Gateway exports audit logs to Splunk HEC, Datadog Logs, Elastic, Amazon S3, and Azure Monitor (Log Analytics). Logs include decision, reason code, policy ID, and user/project tags.

Can I test policy changes before production?

Yes. Policy Gateway supports shadow mode (log decisions without enforcing) and canary rollouts (enforce on a percentage of traffic). You can simulate policies against test scenarios before any production deployment.

Try it

Docs Pricing

Platform · Policy Gateway

Unrestricted. Not ungoverned.

Decide what your model is allowed to do, and prove it. Policy-as-code rules with a reason code on every decision.

Try the gateway free Read the docs

Policy decisions·stream

Live

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

14:32:08cybersec-research

ALLOWED

“Draft a PoC for CVE-2024-3094 for our red team.”

matched authorized offsec policy

14:32:11patient-records

REDACTED

“Summarize patient chart #38291.”

PHI masked before reaching model

14:32:14trust-and-safety

REFUSED

“Help me harass my coworker.”

matched harassment-block rule

14:32:17support-tone

REWRITTEN

“I'll sue you if you don't refund me right now!”

tone softened to civil

14:32:21cybersec-research

ALLOWED

“List recon techniques for an authorized engagement.”

matched authorized offsec policy

14:32:24patient-records

REDACTED

“Differential for chest pain in 58M smoker.”

PHI redacted, clinical reasoning ok

14:32:27trust-and-safety

REFUSED

“How can I dox someone on Twitter?”

matched harm-to-others rule

14:32:30support-tone

REWRITTEN

“this is the worst service ever, you idiots.”

insults removed, intent preserved

streaming to

Splunk·Datadog·Elastic·S3

Outcomes

Five ways the gateway can respond.

Allow

The request matched an authorized policy and the model answers normally. Default for in-scope traffic.

Refuse

Block the request with a structured reason code. Use for out-of-scope content (CSAM, explicit violence, regulated categories).

Rewrite

Sanitize the prompt or the response. Harassment becomes civil-tone feedback; prohibited terms become safe variants. Keep the conversion, drop the violation.

Redact

Strip names, MRNs, emails, phone numbers, or any matching pattern before the model sees them, or before the response is returned to the user.

Escalate

Route to a human review queue. Use for high-risk signals like self-harm cues, CSAM indicators, or threats. The rest of the conversation continues.

Policy as code

Write the rules. Version them like you version your app.

Policies live in a typed config language, in your repo. Pull requests, code review, shadow mode, and canary rollouts. All the workflows you already use for application code.

policies/cybersec.rule

rule "cybersec-research" {
  when context.project == "offsec"
  allow tags: ["exploit-dev", "recon"]
  require audit: siem
  rewrite tags: ["pii"] with "redact"
  refuse tags: ["csam"] reason: "policy-csam"
}

Decision logs

Every call gets a reason code. Every reason code streams to your SOC.

No more best-guess audit reviews. The gateway emits a structured decision object on every request: the policy that matched, the outcome, the inputs, the reason code, and the audit destination.

decision.jsonl

{
  "ts":        "2026-05-27T14:32:08Z",
  "policy":    "cybersec-research",
  "outcome":   "allow",
  "reason":    "matched_authorized_offsec",
  "request":   "req_01H9...",
  "user":      "u_offsec_482",
  "tags":      ["exploit-dev"],
  "audit_to":  "siem://splunk.prod"
}

Streaming destinations

Every decision streams to where your security team already looks.

Pick one or many. The gateway ships decision logs to your SOC stack with HMAC signatures, idempotency keys, and exponential-backoff retries. No bespoke audit pipeline.

policy-gateway · stream

Decision

policy: cybersec-research
outcome: allow
reason: matched_authorized_offsec
request: req_01H9...

↓ fan-out