LLM Security Layer — Now in Beta

Stop sensitive data before it leaves your perimeter.

PromptGate intercepts every LLM request — scanning prompts, responses, and file attachments for GDPR, HIPAA, PCI-DSS, and PII violations. Redact, block, or alert in real time.

  • 99% Detection Accuracy
  • <2ms Avg Latency Added
  • 40+ Regulation Frameworks
  • 15+ File Types Scanned

// How It Works

Proxy. Scan. Redact. Ship.

PromptGate sits inline between your app and any LLM provider — zero code changes required.

01 / INTERCEPT
Request Captured

Route your LLM traffic through our proxy endpoint. Supports OpenAI, Anthropic, Google, Azure, and any OpenAI-compatible API.

02 / ANALYZE
Deep Content Scan

Prompt text, system messages, and attached files are inspected against 40+ regulatory patterns including GDPR, HIPAA, PCI-DSS, and custom rules.

03 / ENFORCE
Block or Redact

Configure policy actions per finding type: hard block, auto-redact sensitive spans, mask file content, or emit a compliance alert to your SIEM.

04 / FORWARD
Clean Request Sent

The sanitized request is forwarded to the LLM. Your application receives the response normally, with an audit trail for every scan.

// Redaction Engine

Sensitive data, surgically removed.

PromptGate identifies and redacts PII, PHI, and financial data — in both free text and structured files — before a single token reaches the model.

Sample prompt — after PromptGate redaction:

Patient [PII], SSN [HIPAA], admitted 14 March 2024. Primary contact email: [GDPR]. Phone: [PII].

Payment on file: [PCI-DSS]. Request originated from [IP].

// Capabilities

Enterprise-grade guardrails, developer-friendly setup.

Everything you need to deploy safe AI workflows — from single startups to regulated enterprises.

Real-time Prompt Scanning

Every user message and system prompt is scanned before reaching the LLM. Regex, NER, and ML-based detectors catch what rules alone miss.

File Attachment Inspection

PDFs, DOCX, XLSX, images, and CSVs are parsed and deep-scanned. Sensitive content is redacted in the extracted text before ingestion.

Response Monitoring

LLM outputs are scanned on the way back. If the model inadvertently leaks or reconstructs sensitive data, PromptGate catches it before your app sees it.

Policy as Code

Define rules in YAML or via the dashboard. Set actions per violation type: redact, block, warn, or log. Version-control your policies alongside your codebase.

Full Audit Trails

Every scan result is logged with timestamps, user context, and matched patterns. Export to your SIEM or pull via the audit API for compliance reporting.

Custom Entity Detection

Train PromptGate on your own data vocabulary. Proprietary contract IDs, internal project codes, trade secrets — define what's sensitive for your business.

// Supported Frameworks

Built for regulated industries.

PromptGate ships with pre-built detection patterns for the frameworks that matter most.

  • HIPAA / HITECH: PHI · PII · Medical Records
  • GDPR: Personal Data · Right to Erasure
  • PCI-DSS v4: Card Data · CVV · Account Numbers
  • CCPA / CPRA: Consumer Privacy · Opt-out Data
  • SOX: Financial Records · Audit Data
  • ISO 27001: Information Security Controls
  • FERPA: Student Education Records
  • Custom Policies: Define Your Own Rules

// Pricing

Simple, usage-based pricing.

Start free. Scale as your LLM usage grows. No per-seat nonsense.

Starter
$0/mo

For developers exploring safe LLM integrations.

  • 500K tokens scanned / month
  • Core HIPAA + GDPR detectors
  • Prompt + response scanning
  • API proxy access
  • 7-day audit log retention

Enterprise
Custom

For regulated industries with strict compliance requirements.

  • Unlimited token scanning
  • On-premise deployment
  • VPC / private cloud
  • SOC 2 Type II reports
  • Dedicated SLA
  • Custom retention + DLP
  • SSO / SAML / SCIM

Your LLM pipeline deserves a gatekeeper.

Start scanning in minutes. No infrastructure changes. Just point your API calls through PromptGate.
