Coming soon · for large & regulated organizations

Governed AI access
for your organization

PrivateForge Enterprise gives IT, security, and compliance teams advanced control over identity, provider keys, approved models, audit logs, and data boundaries.

Annual per-seat license · no credit metering · sales-led onboarding

Bring your own keys — only

Your keys. Your provider contracts. No middleman metering.

Metering is off at the org level. Every call runs on your own provider keys — Bedrock, Azure, or any supported model provider — your DPAs, your rates, your spend surfaced for FinOps.

Keys are KMS-encrypted, decrypted only at request time, and never shown to anyone after you save them
Key-health dashboard: last rotated, last used, expiring soon — per provider, per workspace
Guided BYOK onboarding when you upgrade from Business — with a transitional window so nothing breaks mid-switch

enterprise core — governed byok · allow-lists · siem

Behind your identity

The Enterprise core sits behind your identity provider and policy allow-lists.

SSO/SAML · SCIM · MFA

BYOK-only routing

Routes inference only to your own BYOK keys — no metering.

Streamed to your SIEM

Streams an append-only audit log to your SIEM.

Datadog · Splunk · JSON/CSV

Governance

The controls, named plainly

No mystery bundles — this is what the Enterprise tier is for.

SSO / SAML + SCIM

Your IdP is the front door — sign-in, MFA, automatic provisioning. No self-serve signups.

Audit export

Append-only log, exported as JSON/CSV or streamed to Datadog, Splunk, or your webhook.

Data residency

Pin where data lives and where calls originate, per org.

Model & tool allow-lists

Restrict models and tools per role — the router refuses off-list, and says so.

Tenant isolation

Dedicated boundaries for data, connections, logs — plus IP allow-listing.

DLP & redaction

PII redaction on egress + approval queues — rolling out.

Enterprise ships under annual contracts. Your sales engineer will walk through what’s live today versus scheduled on the roadmap — including the current state of compliance documentation (SOC 2, HIPAA BAA, GDPR DPA).

The sensible path

Prove it small.
Roll it out big.

Start one team on Business. Flip the org to Enterprise when InfoSec is ready — nothing migrates, the same org gains the controls.

Pilot on BusinessOne team, self-serve, 7-day trial. Workspaces, roles, and the audit log are already in place.
Sign the annual licensePer-seat Enterprise contract with the governance bundle and your compliance requirements scoped.
Switch on BYOK + SSOGuided key onboarding and IdP federation — with a transitional window, then metering disabled for good.

Bring AI into the org, on your terms

Your keys, your identity provider, your audit pipeline — and one workspace for every team.

Governed AI accessfor your organization