Security & Compliance

AI usage your security team can approve

Centralize security and privacy across AI usage with sensitive-data redaction, request logs, audit logs, SSO, RBAC, and ZDR options.

Request a demo View security page

Redaction pipeline

Show what entered the system, what was redacted, and what was logged for review.

Identity

SSO

Access

RBAC

Data

ZDR + PII

Request

PII detected

Card and address entities were redacted.

Actor

Support app

Traffic tied to a scoped Universal API key.

Audit

Policy changed

Admin update tracked with time and actor.

New capabilities

What your team gains with Concentrate

Control who uses what

Map people, teams, keys, roles, and model access.

Reduce data risk

Use ZDR options and PII redaction where sensitive traffic needs protection.

Keep audit records

Track request logs and settings changes for internal reviews.

Where it fits

For GRC, InfoSec, legal, and internal audit

Security teams need proof: who sent the request, which key owned it, what data was filtered, and which policy applied.

Sensitive data handling

Redact PII, PCI, and PHI from prompts, responses, or both before traffic reaches a model provider.

Access review

Use SSO, RBAC, team workspaces, and API keys to limit who can use what.

Audit evidence

Keep request logs and audit logs for settings changes, access changes, and model usage reviews.

Provider policies

Turn zero data retention on and enforce it by provider, team, or key where policy requires it.

Security & Compliance basics

Frequently asked questions

What evidence does a security team need for AI usage review?

Security usually needs to know who can call models, which keys map to which apps, what data can be sent, whether PII redaction or ZDR options apply, and whether request logs and audit logs exist for review.

Can model access be restricted by team or app?

Yes. Use roles, workspaces, API keys, and model access settings to limit which teams or apps can call specific models or providers. A customer-facing app can have stricter access than an internal evaluation project.

How should sensitive prompt data be handled?

Use PII redaction where sensitive fields may appear, enable ZDR options where provider retention is a concern, and keep logs scoped so reviewers can see redaction events without exposing raw secrets unnecessarily.

Security & Compliance

AI usage your security team can approve

Centralize security and privacy across AI usage with sensitive-data redaction, request logs, audit logs, SSO, RBAC, and ZDR options.

Request a demo View security page

Redaction pipeline

Show what entered the system, what was redacted, and what was logged for review.

Identity

SSO

Access

RBAC

Data

ZDR + PII

Request

PII detected

Card and address entities were redacted.

Actor

Support app

Traffic tied to a scoped Universal API key.

Audit

Policy changed

Admin update tracked with time and actor.

New capabilities

What your team gains with Concentrate

Control who uses what

Map people, teams, keys, roles, and model access.

Reduce data risk

Use ZDR options and PII redaction where sensitive traffic needs protection.

Keep audit records

Track request logs and settings changes for internal reviews.

Where it fits

For GRC, InfoSec, legal, and internal audit

Security teams need proof: who sent the request, which key owned it, what data was filtered, and which policy applied.

Sensitive data handling

Redact PII, PCI, and PHI from prompts, responses, or both before traffic reaches a model provider.

Access review

Use SSO, RBAC, team workspaces, and API keys to limit who can use what.

Audit evidence

Keep request logs and audit logs for settings changes, access changes, and model usage reviews.

Provider policies

Turn zero data retention on and enforce it by provider, team, or key where policy requires it.

Security & Compliance basics

Frequently asked questions

What evidence does a security team need for AI usage review?

Can model access be restricted by team or app?

How should sensitive prompt data be handled?

AI usage your security team can approve

What your team gains with Concentrate

Control who uses what

Reduce data risk

Keep audit records

For GRC, InfoSec, legal, and internal audit

Sensitive data handling

Access review

Audit evidence

Provider policies

Frequently asked questions

LLM Gateway

Teams

Integrations

Platform

Legal

AI usage your security team can approve

What your team gains with Concentrate

Control who uses what

Reduce data risk

Keep audit records

For GRC, InfoSec, legal, and internal audit

Sensitive data handling

Access review

Audit evidence

Provider policies

Frequently asked questions

LLM Gateway

Teams

Integrations

Platform

Legal