REIGN · SPINE · AI GATEWAY
Reign AI Gateway
MCP-Native. Governs LLM & Autonomous-Agent Traffic.
Continuous Observability + Continuous Assurance. The Trust Layer for Enterprise AI.
AI Gateway is component 1 of the Reign Spine — policy enforcement at runtime. Every AI interaction audited. Every autonomous-agent tool call governed. Every data flow controlled.
Three Lines of Defense
AI Gateway is the 1st Line of Defense — policy enforcement at runtime. Model Risk Validation is the 2nd Line · Audit Ledger (CAVR) is the 3rd Line · Assurance Packs is independent assurance.
Trusted by security-conscious enterprises
The Shadow AI Problem
Your developers are already using AI. The question is: do you know how?
Widespread
Industry studies show most enterprises have some untracked AI usage
Hidden Costs
Unmanaged AI tools often lead to unexpected spending and inefficiencies
Limited
visibility into what data is shared with AI tools
Before vs. After Reign AI Gateway
| Capability | Without Reign | With Reign |
|---|---|---|
| AI Usage Visibility | 0% | 100% |
| Shadow AI Detection | None | Real-time |
| Compliance Audit Time | Weeks | Minutes |
| Data Leak Risk | High | Near Zero |
| Policy Enforcement | Manual | Automated |
| Cost Attribution | Unknown | Per-user/per-project |
Measurable Impact
100%
AI Usage Visibility
across all tools
Faster
Compliance Cycles
audit preparation
Self-Funding
ROI Model
talk to sales for your scenario
The Reign Gateway Stack
Three layers of defense. Complete AI governance.
LLM Routing Engine
Intelligent Model Orchestration
Route every LLM request through centralized governance. Enforce model selection policies, balance cost vs. performance, and maintain complete control over which models your teams can access.
Key Benefits
AI Guardrails
Every Packet Verified
No implicit trust. Every data request authenticated. Every response sanitized. PII redaction, secret detection, prompt injection defense, and content filtering built-in.
Key Benefits
Audit Ledger (CAVR)
Tamper-Evident Audit Trail
Every query logged. Every response recorded. Every decision traceable. The Audit Ledger captures contemporaneous, tamper-evident records that flow into Assurance Packs for SOC 2, HIPAA, EU AI Act, and FedRAMP submissions.
Key Benefits
Built for the Agentic Era
The same gateway that governs your LLM traffic now seamlessly connects to Reign AI Gateway · MCP Defense — the protocol-agnostic control plane for every tool your AI agents touch.
MCP, REST/OpenAPI, gRPC, CLI/exec — every transport governed with the same RBAC, signatures, rug-pull protection, and audit trail.
Every agent-to-tool call flows directly into the Audit Ledger and Assurance Packs. Full traceability for EU AI Act, SOC 2, and regulatory submissions.
One gateway. One control plane. From simple LLM calls to full multi-agent systems — all governed, audited, and sovereign-ready.
Enterprise-Grade Guardrails
Built-in protection for every AI interaction
PII Detection
Automatically detect and redact personally identifiable information before it reaches any LLM provider.
Prompt Validation
Validate every prompt against configurable policies. Block prompt injection attacks in real-time.
Secret Detection
Prevent API keys, tokens, and credentials from being sent to AI providers.
Content Filtering
Enforce content policies on both inputs and outputs. Block inappropriate or sensitive content.
Cost Governance
Set per-user, per-team, and per-project spending limits. Real-time budget tracking and alerts.
Real-time Monitoring
Live dashboards showing every AI request, response time, model usage, and policy violations.
Supported LLM Providers
Govern any model from any provider — cloud, self-hosted, or custom. Reign is model-agnostic by design.
OpenAI o3 / GPT-4.1
OpenAI
Claude Opus 4 / Sonnet 4
Anthropic
Gemini 2.5 Pro / Flash
Grok 4.2
xAI
LLaMA 4 Maverick
Meta
Mistral Large / Medium
Mistral AI
DeepSeek R1 / V3
DeepSeek
Cohere Command A
Cohere
Any Model / Private LLMs
Cloud or On-Prem
Enterprise-Ready Integrations
Connect your entire ecosystem in minutes
Identity & SSO
AI Providers
DevOps Tools
Compliance
Frequently Asked Questions
Reign AI Gateway routes all authorized AI traffic through your controlled environment with full audit trails. To prevent shadow AI (direct access to unauthorized AI providers), organizations typically pair the Gateway with firewall rules blocking AI provider URLs or endpoint policies. Reign provides the visibility and reporting to identify who's using AI and ensure compliance.
Yes. Reign AI Gateway supports any AI model — cloud-hosted (OpenAI, Anthropic, Google) or self-hosted (LLaMA, Mistral, custom models). The same governance policies apply regardless of where your models run.
Deployment timelines depend on your environment, identity-binding requirements, and the scope of the AI / agent surface area in scope. Talk to our team about your specific environment.
AI Gateway is component 1 of the Reign Spine — policy enforcement at runtime. Combined with Audit Ledger (CAVR) and Assurance Packs, the Spine generates submission-ready evidence for SR 11-7, OSFI E-23, EU AI Act, ISO 42001, NIST AI RMF, FDA PCCP, 21 CFR Part 11, FCA / MiFID II, NIST 800-171 / CMMC, and SOC 2 (AI).
Reign is available by application through the Reign Design Partner Program. Design partners shape policy templates, identity-binding patterns, and tool-call governance defaults.
Yes. Pilots are typically scoped to a single team, business unit, or use case — talk to our team about a scope that maps to your governance objective.
MCP-native gateway. Built for the agentic threat landscape.
The AI Gateway governs every MCP tool call your agents make — across protocols, sources, and threat surfaces. One control plane, one audit trail, one access policy.
Govern Every Tool — Regardless of Protocol or Source
Reign-Managed
Protocols deployed and operated by iTmethods on Reign infrastructure. MCP, REST, gRPC, CLI.
Examples:
- • Atlassian API on Reign infra
- • GitHub REST on Reign infra
- • Database APIs
Vendor-Managed
Protocols operated by the vendor. MCP, REST, gRPC, CLI adapters supported.
Examples:
- • Atlassian Cloud APIs
- • GitHub Copilot MCP
- • Vendor X REST endpoints
Customer-Managed
Protocols operated by your team. MCP, REST, gRPC, CLI all supported.
Examples:
- • Internal APIs
- • Custom MCPs
- • Self-hosted services
The Agent Tool Threat Landscape
Emerging threats from malicious tool behavior that traditional governance approaches miss.
Tool Poisoning
Malicious instructions hidden in tool metadata manipulate agents into unauthorized actions. First documented by Invariant Labs, April 2025.
Tool Shadowing
Cross-server contamination — a malicious server corrupts the behavior of trusted tools on the same client, silently.
Rug Pull
Tool behavior silently altered after user approval. Current clients don't detect or notify when tool descriptions change post-install.
Defense Features
Comprehensive defense against tool threats — scaled to your environment.
Tool Signature Verification
Cryptographic signing of tool packages. Block unsigned and tampered tools.
Description Change Detection
Continuous monitoring of tool metadata for unauthorised changes. Rug pull defense.
Tool-Level RBAC
Per-user, per-agent, per-tool access controls with data scope limiting.
Policy Engine + Approvals
Human-in-the-loop for high-risk operations. EU AI Act Art. 14 alignment.
Agent Chain Reconstruction
End-to-end tracing of multi-hop agent→tool→tool sequences. OpenTelemetry export.
Credential Vault (SSO/SCIM)
Replace static API keys with enterprise-managed auth. OAuth 2.1 + PKCE.
Cross-Agent Dependency Map
Visual graph of agent-tool relationships. Identifies single points of failure.
Server Lifecycle Management
Deploy, version, monitor, and deprecate servers. Continuous health monitoring with failover.
Audit Ledger Integration
Agent Chain evidence flows directly into Audit Ledger (CAVR) and Assurance Packs.
Reign Spine