Blog

Analysis on enterprise AI governance, inline policy enforcement, agentic AI security, and regulatory compliance.

AI Firewall: What It Actually Inspects, Where It Sits, and the Audit Record It Produces

The phrase "AI firewall" gets applied to four very different products. The category collapses when you ask what each one inspects, where in the request path the inspection happens, and whether the record series survives EU AI Act Article 12 review. This piece walks through the four product shapes that get marketed as AI firewalls, the architectural property each one has and lacks, the inspection target the term should refer to in a regulated deployment, and the audit record the inspection layer commits at decision time.

AI Security Solutions: ai-firewall, inline-enforcement, ai-gateway, llm-security, audit-logs, ai-policy-enforcement

ISO 42001 vs ISO 27001: How the AI Management System Layers on Top of Information Security

ISO 42001 and ISO 27001 share the same management-system structure (the Annex SL Harmonized Structure) and a substantial portion of the Annex A control catalog. Organizations with an ISO 27001 certification have a head start on ISO 42001 because the management-system processes transfer with modifications. The two standards address different risk domains: 27001 covers information security risks to confidentiality, integrity, and availability of information assets, while 42001 covers AI-specific risks to fairness, reliability under adversarial pressure, transparency, accountability, and the responsible use of AI systems. This piece walks through the structural overlap, the additive AI-specific controls 42001 introduces, the integration pattern for combined audits, and the inspection-layer architecture that produces evidence under both standards.

Compliance & Regulation: iso-42001, iso-27001, aims, isms, ai-compliance, certification

ISO 42001 Implementation Guide: How to Stand Up an AI Management System That Passes Certification

ISO/IEC 42001:2023 is the first international management-system standard for AI. The standard takes the ISO management-system structure (the same Annex SL Harmonized Structure used in ISO 9001, ISO 27001, and ISO 14001) and applies it to AI. Certification requires a documented AI management system covering scope, leadership, planning, support, operations, performance evaluation, and improvement. This piece walks through the certification path step by step, the Annex A controls that have to be operational, the audit evidence the certification body expects, the implementation timeline a typical mid-market organization runs, and where the AI-specific controls intersect the inspection-layer architecture.

Compliance & Regulation: iso-42001, aims, ai-management-system, ai-compliance, certification, audit-logs

PCI DSS and AI: How v4.0 Reaches Production AI Deployments Touching Cardholder Data

PCI DSS v4.0 took full effect on March 31, 2025. The standard reaches AI deployments wherever cardholder data passes through an AI prompt, a tool result, or a retrieval corpus the AI system queries. The applicable requirements include the data flow documentation under Requirement 1, the cardholder data discovery and scope reduction under Requirement 3, the access control restrictions under Requirement 7, the logging obligations under Requirement 10, and the security testing obligations under Requirement 11. This piece walks through the requirements that reach AI deployments, where most implementations fail the QSA review, and the inspection-layer architecture that produces the audit evidence and the scope reduction the assessor will accept.

Compliance & Regulation: pci-dss, cardholder-data, ai-compliance, audit-logs, inline-enforcement, payments

GDPR Article 22 and AI: What Automated Decision-Making Requires of Production Deployments

GDPR Article 22 limits decisions based solely on automated processing that produce legal or similarly significant effects on the data subject. AI deployments that produce loan approvals, credit decisions, hiring decisions, fraud-detection outcomes, or insurance underwriting fall inside the scope. The exemption pathways carry their own obligations: explicit consent, contract necessity, or Union or member state authorization. The Article 22(3) right to obtain human intervention and the transparency obligation require records that demonstrate the meaningful intervention happened and that the data subject received meaningful information. This piece walks through the article, the exemption pathways, the meaningful-intervention test, and the inspection-layer architecture that produces the evidence the supervisor will accept.

Compliance & Regulation: gdpr, article-22, automated-decisions, ai-compliance, audit-logs, data-protection

GDPR and AI: Where Article 5, Article 22, and Article 32 Reach Production AI Deployments

GDPR applies to AI deployments wherever the AI system processes personal data of EU residents. The applicable articles overlap with the EU AI Act but predate it and reach a broader surface. Article 5 imposes the lawfulness, purpose limitation, and data minimization principles. Article 22 limits automated individual decision-making. Article 32 imposes the security of processing obligation that the audit log is evidence against. This piece walks through the GDPR articles that reach production AI deployments, the specific obligations each creates, where most AI implementations fail the test, and the inspection-layer architecture that produces the evidence the data protection authority will accept.

Compliance & Regulation: gdpr, eu-ai-act, ai-compliance, data-protection, audit-logs, inline-enforcement

AI Inline Enforcement Architecture: Where the Policy Decision Sits and What It Has To Commit

AI inline enforcement runs the policy decision in the request path, before the model API call returns to the calling application. The architecture places a deterministic policy decision point between the application identity and the model endpoint and commits a per-decision audit record before the response forwards. This piece walks through the architectural components, the decision-time data shape, the failure modes the implementation has to handle, and the regulatory profile that the inline placement satisfies (EU AI Act Article 12, NIST AI agent identity and authorization Pillar 2 and Pillar 3, Fannie Mae LL-2026-04, DORA Article 6).

Platform & Architecture: inline-enforcement, ai-architecture, ai-gateway, policy-decision-point, audit, eu-ai-act

LiteLLM vs an AI Security Gateway: What Each One Does and Where They Compose

LiteLLM is an open-source LLM proxy that normalizes the API surface across more than 100 model providers and handles routing, retries, fallbacks, cost tracking, and basic key management. An AI security gateway sits at the same network position but answers a different question: identity-bound policy on prompt content, data classification at the request boundary, and a per-decision audit record that holds up under EU AI Act Article 12 review. The two products compose in production deployments. This piece walks through what each one does, where they overlap, and where the architectural responsibilities split.

Platform & Architecture: litellm, ai-gateway, comparison, inline-enforcement, ai-architecture, audit

Amazon Bedrock Gateway Patterns: How To Front Bedrock with Inline Enforcement

An Amazon Bedrock gateway sits between calling applications and the Bedrock runtime endpoints, attaches identity context to every InvokeModel and InvokeModelWithResponseStream call, evaluates a per-request policy, and commits a per-decision audit record before the request reaches Anthropic, Mistral, Meta, Cohere, AI21, or Amazon Titan. The gateway pattern complements Bedrock Guardrails by adding identity-bound policy enforcement and a per-decision audit record format that satisfies EU AI Act Article 12 and the Fannie Mae LL-2026-04 lender record requirement. This piece walks through the AWS SigV4 handling, the model-agnostic policy, and the audit record format.

Platform & Architecture: amazon-bedrock, ai-gateway, api-gateway, inline-enforcement, aws, audit

Anthropic API Gateway Patterns: How To Front api.anthropic.com with Inline Enforcement

An Anthropic API gateway sits between calling applications and api.anthropic.com, attaches identity context, evaluates a per-request policy, and commits a per-decision audit record before the request reaches Claude. The gateway pattern addresses the Anthropic Messages API, the tool-use loop, the streaming response, and the prompt caching feature. This piece walks through the request rewriting pattern, the system-prompt evaluation, the tool-use policy, the streaming SSE handling, and the audit record format that satisfies EU AI Act Article 12 and the deployer obligations under Article 26.

Platform & Architecture: anthropic, claude, ai-gateway, api-gateway, inline-enforcement, audit

OpenAI API Gateway Patterns: How To Front api.openai.com with Inline Enforcement

An OpenAI API gateway sits between calling applications and api.openai.com, attaches identity context, evaluates per-request policy, and commits a per-decision audit record before the request reaches the model. The pattern replaces the direct calling convention that uses an organization-bound API key with an inspection layer that the application addresses instead. This piece walks through the request rewriting pattern, the SSE and streaming response handling, the function-calling and tool-use evaluation, and the audit record format that satisfies EU AI Act Article 12 and the deployer obligations under Article 26.

Platform & Architecture: openai, ai-gateway, api-gateway, inline-enforcement, streaming-responses, audit

Stateless vs Stateful AI Proxy: Which Architecture Holds Up Under Production Load and Audit

A stateless AI proxy makes the policy decision on the contents of the current request and the per-decision audit record alone. A stateful AI proxy carries session memory, caches conversation history, or stores prompts across requests in its own storage. The choice has direct consequences for horizontal scaling, blast radius under compromise, the EU AI Act Article 12 record-keeping obligation, and the DORA third-party risk profile of the inspection layer. This piece walks through the architectural distinction, what each option requires from the deployment, and where most production teams settle once the trade-offs are visible.

Platform & Architecture: ai-proxy, ai-gateway, stateless, ai-architecture, inline-enforcement, audit