How does Anoman AI prevent prompt injection attacks?

Anoman AI uses a layered defense stack. Every request passes through a DeBERTa v3 classifier trained specifically for prompt injection detection (with configurable thresholds), followed by heuristic pattern matching and content moderation filters. This runs in under 40ms and blocks malicious prompts before they reach the LLM provider. The detection cannot be disabled — only the sensitivity threshold is adjustable.

Which LLM providers does Anoman AI support?

Anoman AI routes to 100+ LLM models through direct provider integrations including OpenAI (GPT-4o, GPT-4.1), Anthropic (Claude Sonnet, Claude Opus), Google (Gemini 2.5 Pro, Gemini Flash), DeepSeek, Mistral, MiniMax, Groq, Together AI, and any OpenAI-compatible endpoint. You can also use OpenRouter as a fallback for additional models. Adding a new provider requires only a config change — no code modifications.

Is Anoman AI a drop-in replacement for OpenAI?

Yes. Anoman AI exposes a fully OpenAI-compatible API. You only need to change your base_url to point to Anoman's endpoint — no other code changes required. Any SDK that works with OpenAI (Python, TypeScript, Go, etc.) works with Anoman AI out of the box.

What is the added latency from using Anoman AI?

Anoman AI adds less than 30ms at p50 and less than 80ms at p95, including all guardrail checks (prompt injection detection, PII masking, content moderation, and policy enforcement). The full guardrail pipeline completes in under 100ms. For comparison, a typical LLM API call takes 500ms–3s, so the gateway overhead is negligible.

How does data residency work?

Anoman AI offers managed deployment in Singapore (asia-southeast1) and Jakarta (asia-southeast2). Each API key is tagged with a customer region, and all data — prompts, completions, traces, and logs — is stored exclusively in that region's database. Cross-region writes are treated as critical bugs. This architecture is designed for PDPA (Singapore) and UU PDP (Indonesia) compliance.

What does PII masking do?

Anoman AI's PII masking uses the Presidio framework to detect and anonymize personally identifiable information before it reaches the LLM. It detects standard PII types (names, emails, phone numbers, credit cards) plus region-specific identifiers like Singapore NRIC numbers and Indonesian NIK numbers. Detected PII is masked in transit and can be optionally restored in the response.

How much does Anoman AI cost?

Anoman AI offers three tiers: Free ($0/month, 1,000 requests, 3 providers), Developer ($49/month, 50,000 requests, all providers, full guardrails), and Team ($199/month, 500,000 requests, ML anomaly detection, data residency). You pay the LLM provider's token cost plus Anoman's platform fee. Enterprise pricing is available for custom requirements.

Can I use Anoman AI with my existing LLM provider API keys?

Yes. Anoman AI creates virtual API keys that map to your provider credentials. You configure your provider API keys (OpenAI, Anthropic, etc.) in Anoman's dashboard or via environment variables, and Anoman routes requests using those keys. Your provider keys are never exposed to end users — they only see their Anoman API key.

What is the policy engine?

Anoman AI's policy engine lets you define YAML-based rules to control what AI agents can and cannot do. You can create tool call allowlists and denylists, set per-session token budgets, enforce cost limits, and require specific data residency regions. Policies are version-controlled and applied per API key, giving you fine-grained control over each agent's capabilities.

Now in Developer Alpha

Secure Every AI Call.
The First Guarded LLM Gateway.

Route to 100+ LLM providers with agent-level observability, policy-based guardrails, and behavioral anomaly detection. Built-in security and compliance from day one.

LLM Models

<0ms

Added Latency

0.9%

Uptime SLA

SEA Regions

Free tier available. No credit card required.

main.py

from openai import OpenAI

# Just change the base URL — that's it.
client = OpenAI(
    api_key="anoman-sk-...",
    base_url="https://api.anoman.io/v1"
)

response = client.chat.completions.create(
    model="claude-sonnet",
    messages=[{"role": "user", "content": "Hello!"}]
)

Drop-in replacement for OpenAI SDK

Trusted by teams building the future of AI in Southeast Asia

TechVentures

SEA Digital

GoFinance

NusaTech

SilkRoad AI

MeridianIO

CloudFirst

DataPulse

500+

Teams Building

10M+

Requests Routed

99.9%

Uptime SLA

<30ms

Added Latency

Route to 100+ LLM providers through a single API

OpenAI

Anthropic

Google

Mistral

Everything you need to ship
secure AI agents

Enterprise-grade security and observability that takes minutes to integrate, not months to build.

Security Guardrails

Layered defense against prompt injection, PII leakage, and harmful content. DeBERTa classifier + heuristics + configurable policies.

Injection

PII

Content

Policy

Agent Observability

Full trace visibility into agent-to-LLM interactions. Tool call tracking, session replay, and cross-agent graphs powered by Langfuse.

tool.search

llm.claude

tool.execute

Policy Engine

YAML-based rules for tool call allowlists, session budgets, and data residency requirements. Version-controlled, audit-friendly.

allowed_tools:
  - search_kb
  - send_email
denied_tools:
  - delete_record

Anomaly Detection

Detect unusual agent behavior in real time. Rate spikes, cost anomalies, new tool usage, and multi-dimensional pattern analysis.

SEA Data Residency

Managed deployment in Singapore and Jakarta. PDPA and UU PDP compliance tooling. Your data stays in Southeast Asia.

encrypted

JKT

Cost Optimization

Smart routing by latency and cost. Per-key budgets, token metering, and usage analytics. Pay only for what you use.

Without Anoman$2,400

With Anoman$1,440

LLM Models

Every major provider, one API

<0ms

Added Latency

Near-zero gateway overhead

0.0%

Uptime SLA

Enterprise-grade reliability

SEA Regions

Singapore & Jakarta

Three steps to secure your AI stack

From zero to full observability in under 5 minutes.

Drop-in API

Replace your base URL with Anoman's endpoint. Works with any OpenAI-compatible SDK. Zero code changes needed.

from openai import OpenAI

client = OpenAI(
    base_url="https://api.anoman.io/v1"
)

Guardrails Activate

Every request passes through injection detection, PII masking, content moderation, and your custom YAML policies.

# Automatic protection on every call
# Injection: blocked (score: 0.94)
# PII: masked (3 entities)
# Policy: tools verified

Full Observability

Every LLM call is traced with token counts, costs, latency, and anomaly scores. Explore sessions in the dashboard.

Session → Trace → Spans
├── tool_call.search   12ms
├── llm.claude-sonnet  1.2s
└── tool_call.execute  45ms

Simple, transparent pricing

Pay-per-token passthrough + platform fee. No hidden costs.

MonthlyAnnual

Free

$0forever

For exploration and prototyping

1,000 requests/month
3 LLM providers
Basic guardrails (injection + PII)
7-day trace retention
Community support

Developer

$49/month

For indie developers and small teams

50,000 requests/month
All LLM providers
Full guardrail pipeline
30-day trace retention
Custom YAML policies
Anomaly detection
Email alerts
Priority support

Team

$199/month

For growing teams with compliance needs

500,000 requests/month
All LLM providers
Full guardrail pipeline
90-day trace retention
Custom policies + OPA
ML anomaly detection
Webhook + Slack alerts
RBAC & team management
Data residency (SG/JKT)
IDR/SGD billing

Enterprise

Custom

For organizations with compliance and scale requirements

Unlimited requests
All LLM providers
365-day trace retention
ML anomaly detection
SSO / SAML
Custom data residency
99.99% SLA
Dedicated support
UU PDP / PDPA audit reports

Singapore

Jakarta

Built for Southeast Asia

The only LLM gateway with managed data residency in both Singapore and Jakarta. Your data stays in the region.

PDPA Compliant

UU PDP Ready

ISO 27001

Dual-Region Deployment

Deploy to Singapore (asia-southeast1) and Jakarta (asia-southeast2). GeoDNS routes requests to the nearest region automatically.

PDPA & UU PDP Ready

Built-in compliance tooling for Singapore PDPA and Indonesia UU PDP. Audit logs, data flow documentation, and DPA templates included.

Local Currency Billing

Invoice in IDR or SGD. No USD conversion headaches. Stripe integration with local payment methods support.

Frequently Asked Questions

Everything you need to know about Anoman AI and LLM gateway security.

An LLM gateway is a proxy service that sits between your application and LLM providers like OpenAI, Anthropic, and Google. It routes API requests, enforces security policies, tracks usage, and provides observability — all through a single, unified API endpoint. Anoman AI is the first LLM gateway with built-in guardrails for prompt injection detection, PII masking, and policy-based tool call control.

Ready to secure your AI agents?

Get started in under 5 minutes. Free tier included. No credit card required.

Join 500+ developers on the waitlist. No spam.

Secure Every AI Call.The First Guarded LLM Gateway.

Everything you need to shipsecure AI agents

Security Guardrails

Agent Observability

Policy Engine

Anomaly Detection

SEA Data Residency

Cost Optimization

Three steps to secure your AI stack

Drop-in API

Guardrails Activate

Full Observability

Simple, transparent pricing

Free

Developer

Team

Enterprise

Built for Southeast Asia

Dual-Region Deployment

PDPA & UU PDP Ready

Local Currency Billing

Frequently Asked Questions

Ready to secure your AI agents?

Secure Every AI Call.
The First Guarded LLM Gateway.

Everything you need to ship
secure AI agents