How Mantle sits in the path
A transparent proxy between your organisation and its AI services. Requests flow through; policy and audit happen inline.
Mantle deploys as middleware — in your VPC, in our cloud, or hybrid. Nothing about your existing systems changes; the path through them does.
What happens to every call
Intercept
Mantle receives the AI request as an inline proxy. No agent rewrite, no SDK swap.
Authenticate & authorize
Identity is resolved from your IdP; policy decides what this tenant may do with this tool, on this data.
Enforce boundaries
Disallowed tools, data, or scopes are blocked before they execute — not flagged after the fact.
Log immutably
The full interaction is written to a tamper-evident audit store, attributed to tenant and identity.
Forward
Permitted requests continue to the AI service; the response is captured on the way back.
Deploy where your data lives
Self-hosted
Run Mantle entirely inside your own VPC. Data never leaves your network; you operate the gateway.
Managed cloud
We operate the infrastructure; you keep full policy control and audit access. Fastest path to running.
Hybrid
Control plane managed by us; data plane in your network. Policy convenience without data egress.