← Back to site Get started →
Platform Brief · Confidential

The AI governance gateway
your workforce has been waiting for.

membrAIn eliminates the only thing standing between your organization and the AI tools that actually matter — the security, compliance, and governance gap that keeps IT saying no while employees go around them anyway.

Ed25519Signed audit lineage
One env varFull deployment
Every OSZero install
$1,499 + usagePer month base + $69/integration + $35/user
The problem
67% of enterprises have already been breached by AI tools they didn't approve.

The AI adoption gap is not about willingness — it's about trust. Your team wants Claude, GPT-4o, and Gemini. Your organization's best performers are already using them on personal accounts, in browser sessions that IT cannot see, sending prompts that contain company data to providers that have no contractual relationship with your organization.

Meanwhile, IT and legal are saying no to the official request. Not because AI isn't valuable — the data on that is unambiguous — but because there is no governance layer. No audit trail. No DLP protection. No way to prove compliance to a regulator who asks what happened.

The result: the security-conscious organization falls behind. The employees work around it. The data leaks anyway. And when something goes wrong, there is no evidence chain to investigate it.

67%
Enterprises breached by shadow AI
50min
Saved per AI user per day
26%
CIOs cite security as #1 AI blocker
The scenario that keeps CISOs awake at night
An AI agent reads a vendor email, follows an embedded malicious instruction, and exfiltrates 60,000 customer records. The firewall logs show nothing unusual. No human touched a credential. OWASP 2026 ranks this — goal hijacking via indirect prompt injection — as the #1 AI security threat. Traditional security tools cannot detect it because it looks like normal HTTPS traffic to an AI provider.
The solution
One URL that governs every AI call across your entire organization.

membrAIn is a cloud-hosted API gateway that sits between your LLM SDKs and every AI provider. Your developers change one environment variable. Everything else — DLP scanning, threat detection, Ed25519 lineage chain, audit log, cost attribution, compliance documentation — happens automatically at the gateway, before any message reaches a model.

No agent to install. No MDM required. No code changes beyond a single env var. Works on Windows, macOS, Linux, iOS, Android, Docker, CI/CD, and serverless — because it is just a URL, and every platform that makes an HTTPS request works with it.

# Before — ungoverned, unencrypted, invisible to IT
ANTHROPIC_API_KEY=sk-ant-...

# After — fully governed, two variables, zero code changes
ANTHROPIC_BASE_URL=https://gateway.getmembrain.ai/c/your-account-id
MEMBRAIN_KEY=mbr_live_citadel_your-key-here
Every AI call from that moment on
✓  DLP scanned before the LLM sees the payload (113 gateway patterns)
✓  Ed25519-signed lineage envelope — tamper-evident provenance chain
✓  TLS 1.3 in transit; secrets & tokens encrypted at rest with AES-256-GCM
✓  Real-time threat detection — 294 threat signals across OWASP Agentic categories
✓  Token cost attributed by agent, team, and project
✓  Visible in governance dashboard within milliseconds of the first call
How it works
Three layers. One gateway. Complete protection.
1
Unlock — every AI tool that actually matters
Claude Sonnet 4.6. GPT-4o. Gemini 2.0. AWS Bedrock. Azure OpenAI. Every major provider through one governed gateway URL. IT and legal say yes — because the controls are real and auditable. Your team stops using shadow AI because the real tools are finally approved. Multi-provider routing with automatic failover across three global regions.
2
Protect — detect and contain threats before they execute
Every payload is DLP-scanned before the LLM sees it. Prompt injection patterns checked. Goal hijacking detected. Behavioral baseline anomaly scoring runs per agent. When a threat is detected at HIGH severity, the agent is automatically quarantined, a signed incident report is generated, PagerDuty fires, and your security team is notified — all within 30 seconds, before any human touches a keyboard.
3
Prove — compliance documentation that writes itself
Every AI interaction is logged, Ed25519 signed, and SHA-256 hash-chained in an immutable audit trail. EU AI Act Annex IV evidence, HIPAA §164.312 audit controls, SOC 2 CC6.1 evidence, and GDPR Article 30 records are supported via signed NDJSON export. The audit log is the compliance artifact — export it and assemble the final document.
Technical architecture
Built on the edge with a minimal attack surface.

The AI Gateway is a TypeScript Cloudflare Worker that runs on Cloudflare's global edge network across 300+ locations. Every AI call is proxied, DLP-scanned, and signed into the audit chain before it reaches a provider. Shadow-AI visibility is delivered by the browser-based Web Agent — it watches navigation across 101 AI domains and captures a dual signal (page visit plus prompt submission) with no DNS or network change required.

Layer 1 — Audit chain
Ed25519-signed, hash-chained audit lineage
Every governed event is Ed25519-signed and SHA-256 hash-chained into a tamper-evident sequence the customer can verify offline. Connections use TLS 1.3 in transit; secrets and connector tokens at rest are encrypted with AES-256-GCM. Sub-millisecond signing overhead per message.
Layer 2 — Provenance
Ed25519 cryptographic lineage chain
Every message carries a signed lineage envelope: source agent UUID, claim type (WITNESSED / INFERRED / RELAYED), confidence class, upstream hash, timestamp, Ed25519 signature. Tamper the lineage, invalidate the message. The chain traces every claim back to its origin — tamper-evident, auditable, and mathematically verifiable.
Layer 3 — Intelligence
Trust scoring and threat detection
113 DLP patterns scanned inline before the prompt reaches the model, plus 294 threat signals. Prompt injection pattern library (OWASP ASI01). Behavioral fingerprint baseline per agent — deviation scoring catches novel attacks that pattern matching misses. Excessive agency detector validates tool call scope against registered capabilities.
Layer 4 — Governance
Full enterprise governance suite
Cost attribution by team/agent/project with spend visibility. Model allow-list per account. Acceptable Use Policy acknowledgment enforced at gateway — first call blocked until employee signs. Agent quarantine via key revoke from the Agent Fleet UI.
Competitive landscape
The only platform that gives you a portable audit credential — verifiable by your team, offline.

Every competitor monitors traffic or secures the channel. None deliver a per-account Ed25519 audit chain where every event is cryptographically signed, hash-chained, and verifiable offline by the customer without access to your infrastructure.

Capability membrAIn TrueFoundry Prompt Security WitnessAI Bifrost
Ed25519 cryptographic lineage✓ Per-account, offline-verifiable
Zero endpoint install✓ One env var~ Library~ Config~ Agent~ Self-host
iOS / Android support✓ All platforms
DLP pre-LLM scanning✓ 113 patterns~ Limited
Auto-quarantine + report✓ <30s PDF~ Alerts~ Alerts
AUP gateway enforcement
EU AI Act compliance docs✓ Auto-generated~ Manual~ Manual
Starting price$1,499/mo + usageQuote onlyQuote onlyQuote onlyFree OSS
Compliance & certifications
Built for regulated industries from day one.

membrAIn's architecture was designed to meet the requirements of regulated environments — healthcare, financial services, legal, government contractors — where AI governance is not optional and the cost of a violation is measured in seven figures.

Ed25519 Lineage EU AI Act Annex IV HIPAA §164.312 SOC 2 Type II (in progress) GDPR Article 30 OWASP Agentic Top 10 NIST AI RMF

EU AI Act: Prohibited-practice and GPAI rules are in force (fines up to €35M or 7% of global revenue). Annex III high-risk obligations apply from December 2027. membrAIn's auto-generated Article 11 technical documentation, audit log, and human oversight mechanisms directly address the obligations for organizations deploying AI in employment, healthcare, financial services, or critical infrastructure.

HIPAA: The DLP engine blocks or redacts PHI (including DOB, MRN, NPI, and 12 other identifiers) before any prompt reaches a model provider. Every interaction is logged with a HIPAA-compliant audit trail that satisfies §164.312(b) requirements.

Pricing
Transparent. Pays for itself on day one.
One product. One price.
$1,499
platform fee · per month
+$69 / integration / month
+$35 / active user / month (1–50)
+$28 / active user / month (51–200)
+$22 / active user / month (201–500)
+$18 / active user / month (500+)
All five governance lanes
113 DLP patterns pre-LLM (gateway)
Ed25519 signed audit lineage
Behavioral anomaly detection
Auto-quarantine + signed reports
Cost attribution + spend visibility
EU AI Act / HIPAA compliance docs
Model version pinning + AUP enforcement
Multi-provider routing + failover
Governance dashboard
SIEM integration (Splunk, Sentinel)
99.5% uptime SLA

PLATFORM 100–1,000 SEATS: $150K–$500K/YR · ENTERPRISE OEM 1,000+ SEATS: $500K–$2M + ROYALTIES

Return on investment
The ROI isn't membrAIn. It's everything membrAIn unlocks.

Enterprise workers using AI save 40–60 minutes per day. At a loaded hourly cost of $65, that's $2,708–$4,062 per employee per year in recovered productivity — for every employee who gains access to governed AI tools. membrAIn for a 50-person team with 3 integrations costs approximately $3,456/month. The productivity value of 50 employees gaining AI access is $135,000–$203,000/year. Before token savings, incident avoidance, or compliance cost reduction.

The more accurate framing: what is the cost of the next AI-related compliance violation? A single HIPAA violation averages $50,000–$1.9M. A GDPR enforcement action for undocumented AI processing: up to €35M. A data breach from shadow AI: industry average $4.88M (IBM 2024). membrAIn's annual cost at any tier is a fraction of any one of those outcomes.

Ready to give your team the AI tools worth using?

15-minute live demo. We connect your AI tools through the membrAIn gateway live and show the governance dashboard in real time. Under NDA on request.

Get started now → Back to site

© 2026 membrAIn LLC · Charlotte, NC · [email protected] · USPTO Patent Pending #64/062,331