Roder is built on four pillars that work together as one product: a provider-agnostic AI gateway, a composable policy engine, deep MCP supply-chain protection, and a real-time cost engine. Audit logs and an EU-resident control plane connect all of them.
One gateway in front of every major LLM. Composable CEL policies (block, redact, modify, require_ciba), WAF rules, rate limits and per-endpoint configuration, with an immutable EU-resident audit trail of every request.
CEL-based policy engine that runs in the request path. Block, redact, modify or require strong consent, per endpoint, per realm, per principal. Severity and priority for every rule. Built so security teams can ship policy without writing code.
Lethal-trifecta detection, TOFU pins, Trust Graph, Ed25519-signed rule-packs with a hash-chained transparency log, and kill-switch sources for every MCP. The deepest MCP supply-chain controls on the market. Built in, not promised.
Per-team and per-endpoint token attribution. Routing recommendations across model classes. Semantic caching. Hard budgets and soft throttles. And the guarantee: security never turns off when budget fills.
Most AI security tools stop at the LLM. Roder's Trifecta goes deeper, into the MCP protocol itself, where agents call tools, fetch data and chain actions. Three controls work together so a single tool cannot escape the system.
Detects the three-step pattern (sensitive data + private context + outbound channel) where MCP servers can exfiltrate. Real-time, in the request path, evidence-grade.
Trust-on-first-use pins every MCP server's identity and capabilities; the Trust Graph visualises every agent-to-resource relationship, with read-only auditor mode.
Ed25519-signed policy bundles with a hash-chained transparency log, multi-key rotation, per-pack expiry and discovery review (RFC 9728 + DCR). Compliance-ready out of the box.
Every request (from a browser, developer call, AI agent or AI product) flows through the same deterministic sequence. No magic. No silent failures. Every step is auditable.
Verify the request: source, principal type, scopes and authorisation token.
Parse the prompt, response, tool call, or MCP invocation. Pre-filter keywords.
Run composable CEL policies: block, redact, modify, or require strong consent.
Lethal-trifecta, prompt injection, jailbreak attempts and exfiltration patterns.
Pick the right model, cache when possible, throttle if budget is filling.
Write an immutable EU-resident audit record. Stream to SIEM if configured.
Roder is provider-agnostic by architecture. AI provider choice becomes a procurement decision, not an IT integration project.
Twelve regulations and standards mapped to Roder controls. Each maps to platform behaviour, configuration or a Compliance Pack add-on, ready to feed into your customers' audits.
High-risk system documentation, model and provider inventory, prompt and output logging with anonymisation, transparency obligations.
Data Retention controls, Right-to-Forget, auto-anonymise PII, EU-only data residency, DPIA evidence.
ICT risk register, incident classification & reporting, third-party risk register, TLPT evidence trace.
Article 21 cybersecurity controls mapped, incident notification timing built into Alerts engine.
Sensitive-health-data DLP via CEL policies, EHR traffic governance, secondary-use audit trail.
Vulnerability handling and disclosure mapped via Scan Findings and Rule-pack signing transparency log.
Federate-mode auth with eIDAS-compliant national IdPs. Planned roadmap support for EUDI Wallet.
Risk register, agent/MCP inventory, incident management, continual improvement.
Asset inventory, access control, cryptography, supplier relationships, incident management.
Continuous logging, access certification campaigns, change management via Rule-pack signing.
EU Cybersecurity Certification Scheme for Cloud. Engineered toward the High assurance level.
Posture score, Trifecta detections and audit trail align with the evidence requirements.
Up to seven-year audit retention on Advanced and Premium. Right-to-Forget tool included to honour GDPR requests.
Control plane, data plane, gateway, policy store, vault and observability run in the EU. No US Cloud Act exposure.
Log Streaming to Splunk, Datadog, AWS EventBridge, Elastic and custom webhooks. Hash-chained transparency log.
Multi-key rotation, per-pack expiry, discovery review. Every policy bundle is cryptographically signed and auditable.
Roder runs the same product across three deployment shapes, chosen by the buyer's regulatory profile rather than forced by the vendor.
100% EU-hosted, EU-operated, multi-tenant by default with single-tenant available on Premium. Self-serve onboarding; Customer Success guidance from Advanced upwards. Time-to-value: hours to days.
Best for: buyers who want EU sovereignty without standing it up.Deployed into Azure, AWS, GCP, OVHcloud, Hetzner, IONOS or Scaleway, all in the customer's account. Customer-controlled auth, KMS and data residency. Delivered by Roder Professional Services.
Best for: strict regulatory profile or bespoke integrations.On customer hardware, in the customer's facility. Updates only through controlled change windows. Suitable for defence, intelligence, classified and high-regulated banking environments.
Best for: sovereign, defence, classified workloads.A 14-day trial gives you the gateway in front of one team, 25,000 requests of real evidence, and an EU-hosted audit trail. No credit card.