Songlines Gateway is the mandatory inline enforcement layer for all AI traffic. Policy is enforced, PII is redacted, and every interaction is audit-logged — before the request reaches any model. Zero application code changes required.
Songlines Gateway intercepts every AI request before it reaches a model. Policies are evaluated, sensitive data is handled, and every interaction is recorded — all in real time, with no changes to your application code.
Define governance rules once — Gateway enforces them on every request, across every model and every team. Block, redact, route, or escalate based on content, user, department, or data classification.
Automatically detect and redact personally identifiable information before it reaches any AI model. Supports Australian Privacy Act definitions, Medicare numbers, TFNs, and custom entity types.
Detect and block prompt injection attacks, jailbreak attempts, and adversarial inputs in real time. Protect your AI systems from manipulation without slowing legitimate workflows.
Route high-risk or sensitive requests to a human approver before they proceed. Configurable approval workflows with full audit trail — ideal for regulated industries and government use cases.
Automatically route requests containing sensitive or classified data to approved sovereign models only. Ensure PII, health data, and government information never leaves Australian infrastructure.
Every request, every policy decision, every redaction — logged immutably with full context. Tamper-evident records ready for compliance audits, IRAP assessments, and regulatory review.
Gateway policy evaluation adds less than 1ms to request latency. Enterprise-grade throughput with no perceptible impact on end-user experience — even at scale.
Deploy Gateway as a transparent proxy in front of your existing AI integrations. No SDK changes, no application refactoring — your teams keep working exactly as they do today.
Real-time dashboards showing policy trigger rates, blocked requests, redaction volumes, and approval queue status. Understand your AI risk posture at a glance.
Every AI request from every application in your organisation flows through Songlines Gateway. Here's what happens in under a millisecond.
Your application sends an AI request as normal. Gateway intercepts it transparently — no SDK changes, no proxy configuration visible to developers. The request is captured with full metadata: user identity, department, application, timestamp, and data classification.
The request is evaluated against your active policy set in real time. Policies can inspect content, user attributes, data classification, model selection, and request context. Evaluation is complete in under 1ms — imperceptible to end users.
Sensitive data is detected using Australian-specific entity recognition — Medicare numbers, TFNs, ABNs, health identifiers, and custom types. PII is redacted or tokenised before the request proceeds, with the original preserved in the secure audit log.
Based on policy outcome, the request is routed to the appropriate model (including sovereign-only routing for sensitive data), escalated to a human approver, or blocked with a structured response returned to the application. All outcomes are logged.
Every request, policy decision, redaction, and response is written to the immutable audit log. Records are tamper-evident and retained according to your data governance policy — ready for compliance audits, IRAP assessments, and regulatory review at any time.
Start with Songlines Control for immediate visibility. Expand to Gateway for inline enforcement. Complete the journey with the full sovereign Songlines Platform.
Our structured POC puts Gateway in front of your AI traffic in Week 1 and delivers a full executive readout in Week 2 — with zero risk and zero infrastructure changes.
