Visit
2 upvotes
SignalVault is an infrastructure layer that sits between your application and AI providers like OpenAI and Anthropic. Every prompt and response flows through SignalVault's proxy, where it's encrypted, scanned for violations, and logged with a complete audit trail.
THE PROBLEM
Teams ship AI features fast. Audit logs come later — if at all. PII and secrets slip through prompts undetected. When a security team asks "show me every prompt that contained customer data," most teams have nothing to show. SignalVault fixes that.
HOW IT WORKS
Route your AI requests through SignalVault using the Python SDK, Node.js SDK, or direct proxy. Your existing OpenAI or Anthropic code works unchanged — just point at a different base URL. Every request is then:
• Logged with AES-256-GCM encryption — immutable, tamper-proof audit trail • Scanned for PII — emails, SSNs, phone numbers, credit card numbers, IP addresses • Checked for secrets — API keys, bearer tokens, AWS credentials, connection strings • Evaluated against guardrail rules with configurable actions: block, warn, or redact • Tracked for token usage and cost
Integration takes minutes, not days. No code rewrites, no proprietary SDK lock-in.
KEY FEATURES
Encrypted audit logging: Every prompt and response stored with AES-256-GCM via Cloak. API keys hashed with HMAC-SHA256. Raw keys and unencrypted payloads are never persisted. Export-ready for SOC2 and GDPR reviews.
PII detection: Pattern-based detection catches emails, phone numbers, SSNs, credit card numbers, and more before they reach the AI provider. Configure rules to block the request, warn and log, or redact the sensitive content automatically.
Secret scanning: Detects API keys, bearer tokens, AWS keys, private keys, and connection strings leaking through prompts. Same block/warn/redact actions.
Budget controls: Set monthly cost limits and daily token caps per app. Receive alerts via email or webhook when thresholds are approaching. A budget.exceeded event fires when limits are hit.
Guardrail rules: Core rules (PII, secrets, budgets) included on all plans. Growth plan adds custom rules — write your own guardrail policies with pattern matching to enforce what your AI can and can't do.
Mirror Mode: Async logging that stays completely off the request path. Zero added latency. Shows what would have been caught without blocking anything. Useful for teams that want visibility before turning on enforcement.
Compliance exports: One-click CSV and JSON audit exports included on all plans — not gated behind enterprise pricing. Ready for SOC2, GDPR, HIPAA, and security reviews.
Email and webhook alerts: Get notified immediately when policy violations occur, budgets are exceeded, or AI errors spike. POST to Slack, Teams, Discord, or any HTTPS endpoint.
Unlimited logging: No log caps on any tier. Every request is recorded, always. Competitors cap logs and stop recording when limits are hit — SignalVault never stops watching.
WHAT MAKES SIGNALVAULT DIFFERENT
Most AI gateways focus on routing and model switching. SignalVault focuses on trust and compliance — the part that matters when a CISO asks for an audit trail. Three things set it apart:
Unlimited logging on every plan. Competitors like Portkey cap at 3M logs on their Pro tier and stop recording. SignalVault logs everything, always.
Compliance exports included from day one. Other tools gate CSV/JSON audit exports behind $5K+/month enterprise plans. SignalVault includes them on all tiers.
Built for reliability. The entire stack — proxy, detection engine, rule system, and dashboard — is pure Elixir running on the BEAM. No JavaScript frameworks, no Python workers. The BEAM was built for telecom-grade fault tolerance and high concurrency, which is exactly what a proxy needs.
TECH STACK
Runtime: Elixir / BEAM
Framework: Phoenix LiveView
Encryption: AES-256-GCM via Cloak
Key hashing: HMAC-SHA256
API format: OpenAI-compatible
Database: PostgreSQL
PRICING
Per-app subscriptions. Each app gets its own plan.
Starter ($49/month): Production environment, 30-day retention, core rules, unlimited logging, compliance exports.
Growth ($149/month): All environments (dev, staging, production), 90-day retention, custom rules, email + webhook alerts, Mirror Mode, priority support.
Free to try with 100 requests, no credit card required.
Built by a solo founder with a background in professional security tooling.
Smart KYC ClerX is an AI-powered KYC (Know Your Customer) automation solution designed to streamline and accelerate customer onboarding. Key features include:Agentic Automation: Orchestrates multiple AI agents to handle each step of the KYC process.Real-time Regulatory Adaptation: Self-learning agents adapt to regulatory changes, ensuring compliance.Intelligent Data Extraction: Automatically extracts and classifies data from various sources.Human-in-the-Loop: Allows for human intervention when needed, ensuring accuracy and control.Ideal for:Financial institutionsFinTech companiesBusinesses requiring KYC complianceSmart KYC ClerX significantly reduces KYC processing time, lowers operational costs, and minimizes errors by leveraging AI agents and seamless integration with existing enterprise systems.
ConvergePoint is a policy management software designed for Microsoft 365 SharePoint Online, streamlining the entire policy lifecycle. Key features include:Policy Draft, Review, and Approval: Automates the process of creating, reviewing, and approving policies.Policy and Procedure Library: Centralized repository for easy access and management of all policies and procedures.Policy Certification and Acknowledgement: Ensures employees acknowledge and certify their understanding of policies.Ideal for:Corporate Compliance TeamsHuman Resources DepartmentsLegal TeamsConvergePoint offers a comprehensive solution for managing policies within the familiar SharePoint environment, enhancing compliance and reducing administrative overhead.
VibeVerify is a security consulting service that helps businesses secure their digital infrastructure. Key features include:Comprehensive Security Audits: Thorough assessments of codebase and applications to identify vulnerabilities and compliance gaps.Expert Development: Professional feature development with security best practices built-in.Compliance Verification: Ensuring applications meet industry standards and regulations.Ideal for:Startups building new applicationsEnterprises seeking to improve their security postureCompanies needing to meet compliance requirementsVibeVerify offers expert security consulting with a focus on practical solutions and measurable results, providing long-term partnerships for continuous improvement and ongoing security excellence.
IntroductionKibu is a SaaS platform designed to streamline compliance, documentation, and reporting for service providers, particularly those in the disability services sector. Key features include:Attendance Notes: Easily record and manage attendance data.AI Reports: Generate insightful reports using artificial intelligence.Medication Content: Access and manage medication-related information.Life Plans: Tools for creating and managing individual life plans.Ideal for:Disability service providersOrganizations serving individuals with intellectual and developmental disabilitiesHealthcare professionals in related fieldsKibu helps service providers focus on delivering excellent care by automating administrative tasks and providing valuable content, ultimately reducing paperwork and improving efficiency.
RansomLeak is security awareness training built on interactive 3D simulations. Employees face realistic phishing emails, social engineering calls, and data handling scenarios based on documented attack patterns. They make decisions and see the consequences. Gamification keeps completion high. Deploys as SCORM packages for any major LMS or as a standalone cloud platform with analytics, SSO, and custom branding.
LRA Plus™ is a comprehensive AI-powered lightning risk assessment platform developed by Skytree Scientific that transforms lightning protection engineering by accelerating assessment workflows up to 90% while ensuring compliance with international standards including IEC 62305 and NFPA 780.
