Private release candidate · Enterprise AI Gateway & Control Plane

A control plane for governed AI requests.

Tensor Cortex unifies Workspace, an OpenAI-compatible Gateway, and Control so organizations can apply one policy path across private and approved public AI.

  • Policy before optimization
  • Metadata-only audit by default
  • Bring your own provider keys
  • Private and approved public models

The control gap

AI adoption moves faster than access control.

Teams adopt models, agents, and developer tools before one operating boundary exists for credentials, data sensitivity, provider access, and spend. Tensor Cortex puts those decisions on one governed request path.

01

Credentials spread

Provider keys move into local tools, applications, and agent runtimes without one revocation boundary.

02

Policy fragments

Each integration makes its own decision about which data may reach which model and provider.

03

Evidence disappears

Security and platform teams cannot reconstruct why a route was allowed, rejected, or changed.

01 / Platform

One policy path for private and public AI.

Tensor Cortex turns identity, application context, data sensitivity, model capabilities, health, and budget into one explainable route decision. Security filters the candidate set first. Optimization only happens inside that set.

  1. 01AuthenticateUser or service account
  2. 02ClassifyPublic to Restricted
  3. 03EnforceDeny and trust boundaries
  4. 04FilterCapability and health
  5. 05SelectPriority, cost, or latency
  6. 06ExplainRoute and audit metadata

Workspace

One AI workspace. No provider decisions for employees.

In approved evaluations, employees can use company-published profiles such as Automatic, Private, Fast, Coding, or Finance. Tensor Cortex applies company policy in the background and shows a clear security classification on every response.

  • OIDC single sign-onTeams and roles follow corporate identity.
  • Privacy can only move upUsers may request Private mode, never bypass policy.
  • History follows policyConversation storage can be disabled or encrypted with retention.
TCWorkspace
Automatic
Compare the Q2 variance notes with our operating plan.
PrivateAutomatic · policy managed

The main variance is concentrated in infrastructure and contractor spend. I found three material drivers...

Ask a follow-up Confidential

Gateway

One stable API while models and providers change.

In an approved deployment, applications connect to logical profiles, not physical model IDs. Move the code or automatic profile to a different deployment without changing the logical name; client and provider compatibility still requires validation.

  • OpenAI-compatible contractModels and chat completions; no public production base URL.
  • Streaming and tool callsCommitted behavior within the documented compatibility boundary.
  • Scoped service accountsApplication identity, profile access, and trusted metadata.
Review the exact API contract
PythonRequestRoute headers
from openai import OpenAI

client = OpenAI(
    base_url="https://ai.company.com/v1",
    api_key="tc_live_..."
)

response = client.chat.completions.create(
    model="automatic",
    messages=[{
        "role": "user",
        "content": "Summarize this incident."
    }]
)
X-TC-Route-Classapproved-cloudX-TC-Fallbackfalse

Control

Model access, routing, audit, and spend in one control plane.

The committed control path can publish policy without changing application code. Test a user, team, profile, and data class before release, then inspect every selected and rejected deployment through the route decision record.

  • Versioned policyDraft, simulate, publish, and roll back.
  • Deployment healthActive and passive signals with circuit protection.
  • Usage and budgetsAttribute tokens and estimated cost to teams and apps.
Finance data boundaryPublished · v18

WHEN

Teamis Finance
Data classis Confidential

THEN

Trust zonecustomer-vpc or on-prem
Content loggingdisabled

SIMULATION

Profile
Automatic
Result
Allowed
Selected
corp-glm-primary
Rejected
2 deployments
Committed request evaluator path

02 / Security invariant

A model failure never becomes a data boundary failure.

The committed fallback path evaluates the same policy-approved deployment set. Once a stream starts, Tensor Cortex never silently continues the answer from another provider.

Review the security architecture
Confidential requestPrivate-only policy
01
corp-glm-primaryconnection timeout
failed
02
corp-glm-backupcircuit open
unavailable
Blocked by policy Public fallback denied The prompt was not sent outside the approved trust boundary. The application received a safe, explainable error.

Built for governed use

Enterprise controls without a platform team-sized build.

IdentityOIDC, teams, RBAC, service accounts
Model catalogProviders, deployments, trust zones, capabilities
ProfilesAutomatic, Private, Fast, Coding, Finance
PolicyUsers, teams, apps, data classes, regions, tags
RoutingFixed, priority, least cost, lowest latency
ResilienceHealth checks, timeouts, retry, circuit breaker
AuditDecision reasons, rejected candidates, fallback history
EconomicsTokens, estimated cost, team and application budgets

03 / Deployment

One product, three operating models—each gated by evidence.

Tensor Cortex is a private release candidate for deployment-scoped evaluation. There is no public production API, self-service signup, or general-availability service. The current evaluation direction is a customer-dedicated Self-Managed path, scoped case by case.

Enterprise access Employees · Applications OIDC · Service accounts
Approved evaluation environment Tensor Cortex Workspace · Gateway · Control
PrivateVPC / on-prem models
Approved cloudPublic model providers
Self-Managed · Release candidateCustomer-dedicated pilot direction for approved environments; scope and validation are case by case.
Cloud · Alpha preparationInvite-only shared evaluation target for at most ten organizations; not an active public service and no private endpoints.
Dedicated · PlannedA Tensor Cortex-operated single-organization environment is not currently available.
Availability boundaryNo public signup, public production API, self-service credentials, or general-availability offering.

Policybeforeoptimization

Cost and latency only rank models already allowed by policy.

Profilesbeforeproviders

Users and applications see stable capabilities, not model churn.

Metadatabeforecontent

Audit is useful without collecting every prompt and response.

Explanationbeforeautomation

Every route records what was selected, rejected, and why.

04 / FAQ

Enterprise AI gateway questions, answered.

Technical and deployment questions teams ask before standardizing AI access.

What is Tensor Cortex?

Tensor Cortex is a private-release-candidate enterprise AI access and control plane. Its committed product contract covers a governed employee workspace, an OpenAI-compatible application gateway, and controls for model access, routing policy, fail-closed fallback, audit, usage, and budgets. It is evaluated only in approved, deployment-scoped environments today.

How is Tensor Cortex different from a basic LLM gateway?

A basic LLM gateway proxies requests or selects a provider. The Tensor Cortex release-candidate contract evaluates who is making the request, which application it belongs to, the data class involved, and active company policy before it considers cost or latency. The designed policy system spans both the employee workspace and developer API.

Can it route between private and public AI models?

The release-candidate contract supports policy routing between approved private OpenAI-compatible endpoints and approved public providers. Which endpoint classes are enabled depends on the deployment: the planned shared Cloud alpha excludes private endpoints, while a Self-Managed evaluation may connect customer-controlled endpoints. Logical profiles such as Automatic, Private, Fast, or Coding can isolate applications from physical model changes.

What happens when a private model is unavailable?

The committed fallback contract stays inside the policy-approved trust boundary. If a confidential request is private-only and no compliant private deployment is available, the release-candidate path returns a safe error and records the route decision. It does not silently send the prompt to a public provider.

Is the gateway compatible with the OpenAI API?

The committed gateway contract covers OpenAI-compatible model listing and chat completions, including streaming and logical model aliases. There is no public production base URL or self-service API key. Compatibility must be validated for each client, provider, and approved deployment; see the API reference for the exact boundary.

Where is Tensor Cortex deployed?

The current evaluation path is a private Self-Managed, customer-dedicated release candidate scoped case by case. Shared Cloud is in invite-only alpha preparation for at most ten organizations and is not an active public service. A Dedicated managed offering is planned but not available. No deployment model is generally available today.

Does Tensor Cortex store prompts and responses?

The committed release-candidate audit path is content-negative by default: prompt and response bodies are not written to Tensor Cortex audit records. That does not control an upstream model provider's retention. Any optional workspace history or content retention must be evaluated separately for the approved deployment and policy.

Does Tensor Cortex deploy or train models?

No. Tensor Cortex is the control layer, not an inference engine, model-training system, or GPU scheduler. Its release-candidate contract connects to approved model endpoints that an organization separately operates or procures; Tensor Cortex does not currently offer managed inference.

Tensor Cortex Insights

Responsibility-first research for AI access infrastructure.

Evidence-led technical guides that define decision boundaries, cite current primary sources, and include original frameworks or testable artifacts.

View all Insights

05 / Pilot

Scope a governed-request evaluation.

Use one buyer-critical route to test whether policy survives provider failure, private and public deployment choices, and the audit evidence your team needs.

  • Define the boundaryIdentity, model endpoints, sensitive data, and fallback policy.
  • Exercise failureProve what happens when a route, provider, or private deployment becomes unavailable.
  • Inspect the evidenceReview route decisions, rejected candidates, usage, and safe error behavior.

Prefer email? hello@tensorcortex.com

Pilot request ~2 minutes
What would you connect first?

We review each inquiry and reply with fit, prerequisites, and the next evidence step.