Every LLM call passes through one gateway that enforces policy before the provider is called, posts every dollar to a finance-grade ledger, and proves what the spend produced. One product — not five stitched together.
Observability tools watch traffic after the fact. Guardrail services score risk but can't stop a request. FinOps platforms see the invoice, not the request. Developer-analytics tools count activity, not outcomes.
Wardin is the only layer that enforces, meters, and attributes from inside the request path — so a policy violation never reaches a provider, every token has an owner before finance asks, and every dollar can be traced to the work it produced.
PII redaction, injection shields, model allowlists, and budget caps execute before the provider is called. A violation never leaves your network — there is nothing to clean up afterward.
Every dollar posts to a team, a virtual key, and a person — as it's spent, not when the invoice lands. Budgets enforce themselves; month-end closes clean into NetSuite.
Spend correlated with PR acceptance, review cycles, and delivery signals from GitHub and Jira. Raw token counts are excluded by design — you can't game it by burning more.
Each call emits a tamper-evident record — actor, model, policy checks, cost — chained by hash to the one before it. When the auditor asks, you export a quarter of evidence in one click, not one quarter of engineering time.
EU AI Act, NIST AI RMF, SOC 2 — compliance stops being a project and becomes a byproduct of the path itself.
Five contracts, five dashboards, five places the story can disagree — and still nothing that can stop a bad request.
One gateway in the request path. Policy, ledger, evidence, and outcomes are properties of the same record — they can't disagree.
Nothing un-scanned. Every prompt passed PII and injection checks in-path, and the signed chain proves it — per request, per quarter, per framework.
Every token debits a team and a key at request time. Budgets warn at 80% and enforce at 100% — the ledger closes clean without a reconciliation sprint.
Spend lines up against PR acceptance and delivery signals — not token volume. You see which teams turn dollars into shipped work, and which just burn.
LiteLLM and Portkey are proxies — they route requests. Wardin sits in the request path to enforce: budgets hard-stop with an atomic Redis check before the request reaches a provider, policies (model allowlists, prompt-injection screens) block in-path, and every request emits a signed, tamper-evident receipt. If you only need routing, they're great; if you need governance and finance-grade cost attribution, that's Wardin.
Observability tools tell you what happened after the money is spent — they can't block a request. Wardin is enforcement plus observability: the same gateway that meters cost per team, key, and session can refuse the request that would blow the budget.
Not yet. The gateway may be open-sourced later, but we won't put "open source" on the site until there's a public repo you can actually clone.
Yes — point ANTHROPIC_BASE_URL (or your tool's base-URL setting) at the gateway with a Wardin virtual key. No client code changes. Agentic traffic is grouped into sessions so you see cost per task, not noise across thousands of tool-call requests.
Anthropic, OpenAI, AWS Bedrock, and Google Vertex (Gemini), with configurable fallback routing across them. Bring your own provider keys.
Join the waitlist. We onboard teams in small batches so early support stays personal — reply to the welcome email and tell us what your AI cost chaos looks like, and we'll prioritize you.