Olympus sits between your business and your model vendors. It enforces policy on every call, masks sensitive data before it leaves your perimeter, records every decision with Delta replay lineage you can replay end-to-end, and survives a provider swap without losing your memory or audit trail.
Your LLM pilot works. Your Legal team is stuck on four questions.
Gateway-only tools (LiteLLM, Portkey, Helicone) handle routing and observability. None of them ship the memory, policy, approvals, and replay stack an auditor actually asks for.
Google, OpenAI, Anthropic, and Microsoft Copilot under one API. Midas-driven routing, per-session preference, automatic failover. Swap vendors mid-session without losing state.
Session state persists across provider swaps, restarts, and branches. Delta is the continuity engine that keeps operating context reconstructable instead of trapping it inside vendor sessions.
Versioned policy packs. Human-in-the-loop approvals with signed audit entries. PII masking enforced at the gateway, not the prompt. Every call leaves a defensible trail.
Inspect any session timeline, diff branches, compare across providers, export a replay bundle. The answer to "what did the model know when it decided that?" in 30 seconds.
Each control is a question your auditor will actually ask. Olympus has a surface that answers it.
| Control | Regulation | Olympus surface |
|---|---|---|
| Reconstruct model-decision context | SOX · FINRA · FDA SaMD | Replay Studio + Delta replay lineage |
| Prove PII did not leave perimeter | HIPAA · GDPR Art. 32 | Gateway PII masking + identity scopes |
| Human review of high-risk output | FINRA · SR 11-7 | Approvals queue + signed audit trail |
| Policy enforcement on every call | EU AI Act · NIST AI RMF | Versioned packs enforced pre-call |
| Continuity under vendor change | OCC third-party risk | Provider-independent memory + failover |
| Rate-limit / budget controls | FedRAMP · SOC2 CC6 | Per-identity limiter + budget caps |
| Capability | LiteLLM | Portkey | Helicone | Olympus |
|---|---|---|---|---|
| Multi-provider routing | yes | yes | no | yes |
| Observability on calls | basic | yes | yes | yes |
| Policy packs enforced pre-call | no | partial | no | yes |
| Human approval queue | no | no | no | yes |
| PII masking at gateway | no | partial | no | yes |
| Memory across providers | no | no | no | yes |
| Delta replay lineage | no | no | no | yes |
| Signed audit export | no | partial | partial | yes |
Those companies sell to the VP Eng. Olympus sells to the CISO.
Your keys, your data, our operators. Fastest time-to-pilot. Best fit for mid-market teams who want the control plane without running it.
Runs air-gapped. No call-home. HIPAA BAA available. Most regulated enterprises land here.
Data plane stays in your perimeter; control plane is hosted. Common first-year path for banks and healthcare systems.
TLS 1.3 in transit, AES-256 at rest, KMS-backed rotation. SAML + SCIM at Team tier and above. Data plane never sees cleartext PII.
Compression keeps our gross margin honest so we can price below the cost of "build it yourself."
Olympus AI Control Teardown is the fastest way to review one workflow, identify the governance and control gaps, and decide whether a design sprint or pilot is actually justified.
90-day pilot. Two production workflows instrumented. Named executive sponsor + Legal/Compliance reviewer. In exchange: 50% off year-one, influence over the policy-pack schema, and a direct line to the founders.