Platform

Gateway. Policy. MCP supply-chain. Cost. One platform.

Roder is built on four pillars that work together as one product: a provider-agnostic AI gateway, a composable policy engine, deep MCP supply-chain protection, and a real-time cost engine. Audit logs and an EU-resident control plane connect all of them.

Four pillars

Built so AI adoption never outruns control.

Gateway

Provider-agnostic, sub-second decisions.

One gateway in front of every major LLM. Composable CEL policies (block, redact, modify, require_ciba), WAF rules, rate limits and per-endpoint configuration, with an immutable EU-resident audit trail of every request.

  • OpenAI, Anthropic, Google, Mistral, self-hosted
  • Per-endpoint policies, per-realm policy stacks
  • Real-time DLP with PII / PHI / secrets detection
  • SIEM streaming to Splunk, Datadog, EventBridge
Policy

Composable rules, real-time decisions.

CEL-based policy engine that runs in the request path. Block, redact, modify or require strong consent, per endpoint, per realm, per principal. Severity and priority for every rule. Built so security teams can ship policy without writing code.

  • CEL primitives: block, redact, modify, require_ciba
  • Per-endpoint and per-realm policy stacks
  • Severity and priority on every rule
  • Sub-second decisions in the request path
MCP supply-chain

Lethal-trifecta protection unique to Roder.

Lethal-trifecta detection, TOFU pins, Trust Graph, Ed25519-signed rule-packs with a hash-chained transparency log, and kill-switch sources for every MCP. The deepest MCP supply-chain controls on the market. Built in, not promised.

  • Lethal-trifecta detection across 27+ MCP catalog
  • Multi-key rule-pack rotation + per-pack expiry
  • Discovery Review (RFC 9728 + DCR), Tool Overrides
  • YARA / LLM-judge / external engine scan findings
Cost engine

Spend visibility without losing safety.

Per-team and per-endpoint token attribution. Routing recommendations across model classes. Semantic caching. Hard budgets and soft throttles. And the guarantee: security never turns off when budget fills.

  • Attribution dashboards by team / project / agent
  • Routing across small / boosted / specialised models
  • Forecasting + alerts at 80% / 95% / 100% budget
  • Throttle mode (default) or burst mode with ceilings
Trifecta MCP

The supply-chain layer no other vendor has built.

Most AI security tools stop at the LLM. Roder's Trifecta goes deeper, into the MCP protocol itself, where agents call tools, fetch data and chain actions. Three controls work together so a single tool cannot escape the system.

01

Lethal-trifecta detection

Detects the three-step pattern (sensitive data + private context + outbound channel) where MCP servers can exfiltrate. Real-time, in the request path, evidence-grade.

02

TOFU pins & Trust Graph

Trust-on-first-use pins every MCP server's identity and capabilities; the Trust Graph visualises every agent-to-resource relationship, with read-only auditor mode.

03

Signed rule-packs

Ed25519-signed policy bundles with a hash-chained transparency log, multi-key rotation, per-pack expiry and discovery review (RFC 9728 + DCR). Compliance-ready out of the box.

Gateway sequence

Six steps. Sub-second. EU-resident.

Every request (from a browser, developer call, AI agent or AI product) flows through the same deterministic sequence. No magic. No silent failures. Every step is auditable.

01
Verify

Verify the request: source, principal type, scopes and authorisation token.

02
Inspect

Parse the prompt, response, tool call, or MCP invocation. Pre-filter keywords.

03
Apply

Run composable CEL policies: block, redact, modify, or require strong consent.

04
Detect

Lethal-trifecta, prompt injection, jailbreak attempts and exfiltration patterns.

05
Route

Pick the right model, cache when possible, throttle if budget is filling.

06
Log

Write an immutable EU-resident audit record. Stream to SIEM if configured.

Integrations

Every major LLM. One control plane.

Roder is provider-agnostic by architecture. AI provider choice becomes a procurement decision, not an IT integration project.

LLM providers
OpenAIAnthropicGoogle GeminiMistralAzure OpenAIAWS BedrockCohereSelf-hosted
Auth providers
Microsoft Entra IDGoogle WorkspaceOktaKeycloakSAML / SCIMeIDAS 2.0 IdPs
MCP servers (27+ catalog)
GitHubSlackLinearNotionConfluenceSalesforceCustom MCPs+20 more
Observability
SplunkDatadogAWS EventBridgeElasticCustom webhooks
Regulatory coverage

Built so your customers can prove control.

Twelve regulations and standards mapped to Roder controls. Each maps to platform behaviour, configuration or a Compliance Pack add-on, ready to feed into your customers' audits.

EU AI Act
Enforcement: August 2026

High-risk system documentation, model and provider inventory, prompt and output logging with anonymisation, transparency obligations.

GDPR
Baseline in every package

Data Retention controls, Right-to-Forget, auto-anonymise PII, EU-only data residency, DPIA evidence.

DORA
Live: January 2025

ICT risk register, incident classification & reporting, third-party risk register, TLPT evidence trace.

NIS2
Live: October 2024

Article 21 cybersecurity controls mapped, incident notification timing built into Alerts engine.

EHDS
Live: 2026

Sensitive-health-data DLP via CEL policies, EHR traffic governance, secondary-use audit trail.

CRA
2025–2026

Vulnerability handling and disclosure mapped via Scan Findings and Rule-pack signing transparency log.

eIDAS 2.0
Active

Federate-mode auth with eIDAS-compliant national IdPs. Planned roadmap support for EUDI Wallet.

ISO 42001
AI mgmt systems

Risk register, agent/MCP inventory, incident management, continual improvement.

ISO 27001
InfoSec

Asset inventory, access control, cryptography, supplier relationships, incident management.

SOC 2 Type II
Continuous

Continuous logging, access certification campaigns, change management via Rule-pack signing.

EUCS
High target

EU Cybersecurity Certification Scheme for Cloud. Engineered toward the High assurance level.

prEN 18286
Draft

Posture score, Trifecta detections and audit trail align with the evidence requirements.

Audit & evidence

Forensics that stand up to a regulator.

7y

Configurable retention

Up to seven-year audit retention on Advanced and Premium. Right-to-Forget tool included to honour GDPR requests.

EU

Resident control plane

Control plane, data plane, gateway, policy store, vault and observability run in the EU. No US Cloud Act exposure.

SIEM streaming

Log Streaming to Splunk, Datadog, AWS EventBridge, Elastic and custom webhooks. Hash-chained transparency log.

Ed25519

Signed rule-packs

Multi-key rotation, per-pack expiry, discovery review. Every policy bundle is cryptographically signed and auditable.

Deployment models

EU SaaS, your cloud, or air-gapped.

Roder runs the same product across three deployment shapes, chosen by the buyer's regulatory profile rather than forced by the vendor.

Roder EU SaaS

Operational in hours.

100% EU-hosted, EU-operated, multi-tenant by default with single-tenant available on Premium. Self-serve onboarding; Customer Success guidance from Advanced upwards. Time-to-value: hours to days.

Best for: buyers who want EU sovereignty without standing it up.
Roder Enterprise

Inside your own cloud.

Deployed into Azure, AWS, GCP, OVHcloud, Hetzner, IONOS or Scaleway, all in the customer's account. Customer-controlled auth, KMS and data residency. Delivered by Roder Professional Services.

Best for: strict regulatory profile or bespoke integrations.
Sovereign / air-gapped

No outbound. Period.

On customer hardware, in the customer's facility. Updates only through controlled change windows. Suitable for defence, intelligence, classified and high-regulated banking environments.

Best for: sovereign, defence, classified workloads.
Get started

See the platform in your own traffic.

A 14-day trial gives you the gateway in front of one team, 25,000 requests of real evidence, and an EU-hosted audit trail. No credit card.