Redaction
PII, keys, and custom patterns are detected before egress.
The hard boundary for outbound AI
The AI VPN for controlled outbound traffic.
Redact sensitive fields, enforce provider boundaries, and control costs before prompts, files, and runtime context leave your environment.
Spendplane sits between your tools and every model provider as the mandatory request boundary for policy, routing, and observability.
Live Traffic Stream
boundary active
Raw request
prompt: summarize this support case
customer_email: stefan.kilo@gbc.com
api_key: sk-live-private-...
provider: openai-direct
Spendplane output
prompt: summarize this support case
customer_email: [EMAIL_1]
api_key: [SECRET_1]
provider: approved-lane/openai
PII scan
2 matches
Budget mode
balanced
Route
approved
Intercept. Sanitize. Route.
Governance
at the edge.
One control surface replaces direct provider calls with a reviewable, cost-aware outbound path.
Zero-latency pattern matching
Support for 24+ model providers
SOC2 compliant audit logging
Boundary control
Only approved providers and lanes are reachable from the request path.
Cost governance
Budget ceilings and downgrade rules apply before the call is made.
Auditability
Every request leaves with a trace, a policy decision, and a destination.
Request lifecycle
One pipeline between your environment and every model.
STAGE 01
Ingress
Apps, IDEs, and agents send one OpenAI-compatible request into Spendplane.
STAGE 02
Inspection
Headers and payloads are checked for secrets, PII, and policy violations.
STAGE 03
Decision
Routing, budget, and provider rules determine the allowed lane.
STAGE 04
Execution
Only the cleaned and approved payload reaches the selected provider.
Provider abstraction
One gateway, every model.
Spendplane Endpoint
tunnel.spendplane.io
OpenAI
Anthropic
Google
OpenRouter
vLLM
Ollama
Keep one integration point while Spendplane normalizes routing across hosted providers, managed gateways, and local inference lanes.
Standardize outbound headers across teams
Unified credential management strategy
Decentralize key usage without decentralizing policy
Audit & proof
The surface teams actually need after launch.
| Operation | P50 latency | P99 latency |
|---|---|---|
| Handshake and auth | 0.4ms | 1.2ms |
| PII scan (regex) | 0.8ms | 2.1ms |
| PII scan (ML model) | 4.2ms | 8.5ms |
| Budget enforcement | 0.1ms | 0.3ms |
| Total proxy transit | 1.3ms | 3.6ms |
Benchmarks performed on AWS us-east-1 with 1k token payload sizes.
Sovereign audit stream
[09:14:02] request_ingress
source: 192.168.1.42 (us-east-1)
policy: pattern_redaction_v2
[09:14:03] pii_match_detected
type: email_address (confidence: 0.99)
action: substituted "[EMAIL_1]"
[09:14:04] routed_to_provider
destination: anthropic/claude-3-opus
status: secure_egress_complete
Your builders deserve a real boundary, not another promise.
Route outbound AI traffic through one controlled layer before it reaches a provider, then scale with clearer policy and visibility.