Secure GenAI traffic without slowing teams down.
Control at runtime. Prove it after.
Treeline Proxy enforces signed, versioned policies on prompts, responses, and agent tool calls — producing deterministic allow / redact / block decisions and audit-grade, privacy-safe telemetry your security team can defend.
GenAI has escaped the control plane
Security teams can’t govern prompts like code. Platform teams can’t ship AI if they can’t prove control. “Trust us” does not pass audits.
Prompt leakage bypasses DLP
Prompts and tool calls often never hit traditional controls. Secrets and PII slip through invisible paths.
- Credentials in prompts
- PII in outputs
- Regulated terms
Agents create unlogged actions
Tool calling expands blast radius: actions happen outside the normal app boundary.
- Unapproved endpoints
- Data exfil routes
- Shadow workflows
No proof of enforcement
If you can’t show what policy ran and what it did, you don’t have governance — you have hope.
- No policy version trace
- No evidence artifacts
- No audit narrative
Want a low-friction starting point?
Start with a pilot that produces a signed policy pack + evidence artifact your team can review.
Three deliverables: Policy, Proof, Telemetry
Deterministic enforcement you can defend to executives, auditors, and counsel.
Policy
Signed policy packs that evaluate GenAI payloads consistently — across teams and vendors.
- ed25519 signatures
- Monotonic versions (vX.Y.Z)
- Rollback-safe releases
Proof
Test vectors + CI evidence artifacts: a verifiable record that policy vX did what it claims.
- Golden test corpus
- Expected results
- Compliance-ready outputs
Telemetry
Privacy-safe metrics and dashboards that show control without retaining raw prompt content.
- Decision rates
- Top rule hits
- Latency SLOs
Get architecture + pricing
Deployment patterns (Envoy / API GW / CloudFront + WAF) and commercial tiers designed for pilots → regulated production.
Proof you can show a CISO
Every decision is traceable to a signed policy version. Evidence is machine-verifiable.
Signed policy pack (example)
├─ rules.yml
├─ thresholds.yml
├─ tests/
├─ manifest.json (sha256, issuer, version)
└─ signature.sig (ed25519)
Policy packs ship like code. Rollouts are measurable. Rollbacks are safe.
CI evidence (example)
✅ tests: 312 passed, 0 failed
✅ expected_results: MATCH
✅ publish: v1.2.0 (immutable)
artifact: evidence-v1.2.0.zip
This is what turns “we think it’s safe” into “we can prove it.”
Privacy-safe by default
Governance without raw prompt retention. Keep sensitive text out of logs while keeping decisions provable.
No raw retention
Default posture is no raw prompt storage. Export derived signals only (decision, rule hits, counters, latency).
Audit narrative
Decisions are traceable to a signed policy version, with test vectors and evidence artifacts for reviewers.
Compliance-ready posture
Designed to support regulated environments. Add-on reporting and approvals available in regulated tiers.
Have a compliance deadline?
Tell us your framework and we’ll map policy packs + evidence outputs to what auditors ask for.