THE ENGINE · AI GATEWAY
Pre-action assurance for every AI and agent call.
Continuous Operational Assurance for Enterprise AI. Reign’s AI Gateway is the runtime point at which every model call, every tool invocation, every autonomous-agent action is inspected before state change. Pre-action assurance is the operating discipline. The Gateway is what executes it.
AI Gateway is the engine behind pre-action assurance, the first half of Reign’s runtime and outcome assurance loop.
Before vs. after Reign AI Gateway
Two questions decide everything. Can you prove a given agent or model action was authorized before it happened? Can you produce the evidence on demand? Without pre-action assurance, the answer is no on both. With the Gateway, the answer is yes by construction.
| Question | Without pre-action assurance | With Reign Gateway |
|---|---|---|
| Agent and model actions before state change | Executed first, reviewed later (if at all) | Inspected pre-action. Allowed, transformed, or blocked. |
| Policy enforcement | Documented in a wiki. Not enforced in the call path. | Applied inline by the Gateway on every call. |
| Identity on each call | Service account or shared key | Bound to user, agent, and tool scope. |
| Residual risk | Unknown. Assumed acceptable. | Scored per action with policy basis. |
| Evidence for audit | Reconstructed after the fact | Captured contemporaneously by the Gateway. |
| Tool calls (MCP, REST, gRPC, CLI) | Outside the governance surface | Inside the same control plane as model calls. |
The Reign Gateway stack
Three-layer enforcement architecture. Identity-bound calls, inline guardrails, and contemporaneous evidence on a single control plane.
Policy Decision Point
Identity, Intent, Inspection
Every model call and every tool invocation is intercepted before state change. Identity is bound to the call. Intent is checked against policy. The action is inspected, scored, and either allowed, transformed, or blocked. No implicit trust. No bypass path.
Guardrails at the Wire
PII, Secrets, Prompt Injection, Tool Abuse
PII redaction, secret detection, prompt injection defense, content policy, and tool-call validation are applied inline. The same enforcement plane covers LLM prompts, agent reasoning steps, and downstream tool calls (MCP, REST, gRPC, CLI).
Evidence by Construction
Contemporaneous Audit, Residual Risk
Every decision the Gateway makes (allow, transform, block, escalate) is recorded contemporaneously with its policy basis, identity, and residual risk score. Evidence flows into the Audit Ledger and into Assurance Packs without a separate evidence-collection step.
The agentic era broke the gateway model. Reign rebuilt it.
Older AI gateways stop at the prompt. Reign’s Gateway treats the model call and the agent’s downstream tool call as one governance surface. MCP, REST, gRPC, and CLI tools sit inside the same control plane, with the same identity, the same policy, and the same evidence stream.
Model Context Protocol is a first-class surface. So are REST or OpenAPI, gRPC, and CLI execution. Every transport carries the same RBAC, the same tool-signature checks, and the same audit trail.
Multi-hop agent and tool sequences are reconstructed end to end. Every step is identity-bound, policy-checked, and recorded with its residual risk score. The evidence flows into the Audit Ledger and Assurance Packs.
Tools may be operated by Reign, by a vendor (Atlassian Cloud, GitHub Copilot, others), or by your own team. All three are governed by the same Gateway with no second control plane.
The MCP threat surface the Gateway is built to close
Agent tool calls introduce attack patterns older gateways do not see.
Tool Poisoning
Malicious instructions hidden in tool metadata manipulate agents into unauthorized actions. First documented by Invariant Labs, April 2025.
Tool Shadowing
Cross-server contamination. A malicious server corrupts the behavior of trusted tools on the same client, silently.
Rug Pull
Tool behavior silently altered after user approval. Current clients don't detect or notify when tool descriptions change post-install.
How the Gateway closes it
MCP-specific defenses, applied inline on every tool call.
Tool Signature Verification
Cryptographic signing of tool packages. Block unsigned and tampered tools.
Description Change Detection
Continuous monitoring of tool metadata for unauthorized changes. Rug pull defense.
Tool-Level RBAC
Per-user, per-agent, per-tool access controls with data scope limiting.
Policy Engine + Approvals
Human-in-the-loop for high-risk operations. EU AI Act Art. 14 alignment.
Agent Chain Reconstruction
End-to-end tracing of multi-hop agent→tool→tool sequences. OpenTelemetry export.
Credential Vault (SSO/SCIM)
Replace static API keys with enterprise-managed auth. OAuth 2.1 + PKCE.
Cross-Agent Dependency Map
Visual graph of agent-tool relationships. Identifies single points of failure.
Server Lifecycle Management
Deploy, version, monitor, and deprecate servers. Continuous health monitoring with failover.
Audit Ledger Integration
Agent Chain evidence flows directly into Audit Ledger (CAVR) and Assurance Packs.
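One way to implement the description change detection listed above as the defense against the rug pull, shown as an added example and not Reign's code: pin a hash of each MCP tool's name, description and input schema when the tool list is approved, then compare every later listing against the pins. The tool definitions are constructed sample data and the function names are hypothetical.

```python
import hashlib
import json

def fingerprint(tool):
    """SHA-256 over canonical JSON of the fields the agent's model reads."""
    material = {k: tool.get(k) for k in ("name", "description", "inputSchema")}
    canonical = json.dumps(material, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def pin(tools):
    """Record fingerprints at the moment a human approves the tool list."""
    return {t["name"]: fingerprint(t) for t in tools}

def detect_drift(pinned, current):
    """Compare a fresh listing with the pins; any finding requires re-approval."""
    findings, seen = [], set()
    for tool in current:
        name = tool["name"]
        if name in seen:  # the same tool name listed twice
            findings.append((name, "duplicate"))
            continue
        seen.add(name)
        if name not in pinned:
            findings.append((name, "unapproved"))
        elif fingerprint(tool) != pinned[name]:
            findings.append((name, "changed"))
    findings += [(n, "removed") for n in sorted(pinned.keys() - seen)]
    return findings

# Constructed sample data: the tool list as it looked at approval time.
APPROVED = [
    {"name": "read_ticket", "description": "Return one ticket by id.",
     "inputSchema": {"type": "object", "properties": {"id": {"type": "string"}}}},
    {"name": "add_comment", "description": "Add a comment to a ticket.",
     "inputSchema": {"type": "object", "properties": {"body": {"type": "string"}}}},
]
# Constructed later listing: one description edited, one tool re-serialized
# with a different key order (must not alert), one tool added.
LATER = [
    {"name": "read_ticket", "description": "Return one ticket by id. <text added after approval>",
     "inputSchema": {"type": "object", "properties": {"id": {"type": "string"}}}},
    {"inputSchema": {"properties": {"body": {"type": "string"}}, "type": "object"},
     "description": "Add a comment to a ticket.", "name": "add_comment"},
    {"name": "export_all", "description": "Export every ticket.", "inputSchema": {"type": "object"}},
]

if __name__ == "__main__":
    for name, status in detect_drift(pin(APPROVED), LATER):
        print(f"{status}: {name}")
```

Hashing canonical JSON rather than the raw response keeps a harmless re-serialization from raising an alert while still catching a one-character edit to a description.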
Audit-grade by construction
Evidence the Gateway captures aligns to the frameworks you are measured against.
Reign Spine
Up to the discipline
Pre-action assurance
The operating discipline. The Gateway executes it.
Across the loop
Outcome Validation
The second half. What actually happened, measured against what was intended.
Across the loop
Residual Risk
What the Gateway could not eliminate. Scored, owned, reviewed.