Redact PII before
it reaches your LLM.
Treza is the AI control plane for teams running LLMs on sensitive data. Point your existing client at one URL, or use our API or SDK. Either way we strip names, emails, SSNs, and more from every prompt, with a tamper-evident audit log of exactly what was redacted. No rewrite. Live in minutes.
- 1 lineTo integrateChange one base URL. Keep your client.
- PII + secretsDetected & redactedNames, emails, SSNs, cards, MRNs, and more
- 100%Of calls auditedEvery request logged with an id and version
- 14 daysFree to tryFull Pro access. Cancel anytime.
Built for teams running LLMs on sensitive data
If your prompts contain customer data, you need a layer between your app and the model. Find the pattern closest to yours.
Healthcare & PHI
Run models on clinical notes, intake forms, and records without sending raw PHI to the provider.
- AI over PHI
- HIPAA-ready patterns
- Model never sees raw data
Fintech & PII
Push statements, support tickets, and KYC docs through LLMs while stripping SSNs, account numbers, and card data.
- Strip financial PII
- Audit every call
- SOC 2-friendly trail
AI agents & copilots
Give autonomous agents an LLM endpoint that can't leak customer data, even when prompts are generated on the fly.
- Drop-in proxy
- Per-agent policies
- No data exfiltration
Support & data ops
Summarize and classify customer conversations without exposing names, emails, or addresses to a third-party model.
- Redact before send
- Keep the insights
- Encrypted provider keys
From signup to redacted prompts in 3 steps
No rewrite required. Point the client you already use at Treza. Any LLM with a base URL works, the OpenAI SDK included, or call the Treza API or SDK directly. Treza handles redaction, logging, and your provider key.
- Step 01
Create a redaction proxy
Stand up a managed proxy in front of OpenAI, Anthropic, or any provider. Pick which PII types to strip. Your provider key is stored encrypted.
$ POST /v1/proxies - Step 02
Point your client at Treza
Change your client’s base URL and pass your proxy id in a header. That’s the only code change. Treza redacts every prompt before it reaches the provider.
$ https://api.trezalabs.com/v1 - Step 03
Watch the audit trail
Every call is logged with a request id, the entities redacted, and the engine version. Export it any time for SOC 2, HIPAA, or your next audit.
$ GET /v1/usage
Why AI on sensitive data needs a control plane
A short explainer on how Treza strips PII before it reaches your model — and proves exactly what it removed. Ready to try the AI Control Plane? Start your free trial.
Everything you need to put AI in front of sensitive data
Six capabilities. One proxy.
The AI pipeline your CISO, GC, and compliance team will actually approve.
Automatic PII redaction
Strip names, emails, SSNs, credit cards, MRNs, secrets, and more from every prompt before it ever leaves your network.
Learn more->Drop-in integration
Point the client you already use at Treza. Any LLM with a base URL works, the OpenAI SDK included. Change one URL to start redacting, or call the Treza API or SDK directly.
Learn more->Tamper-evident audit log
Every request is logged with an id, the entities redacted, and the engine version. Export it for SOC 2, HIPAA, or your next audit.
Learn more->Custom redaction policies
Choose exactly which PII types each proxy strips. Tune policies per app, per environment, and per data classification.
Learn more->Any provider, your keys
Front OpenAI, Azure, Anthropic-compatible, or custom endpoints. Your provider key is stored encrypted and never exposed to your agents.
Learn more->Hardware-attested mode
On Enterprise, redaction runs inside a Treza Enclave with hardware attestation — provable evidence the right code handled your data.
Learn more->Governance for every agent action
Who ran it, which model and how many tokens, what data it touched, what PII surfaced, and where the output went. Every action your AI agents take, captured in a tamper-evident audit log.
How we deploy it
We forward-deploy an engineer into your org to stand up the control plane with you and wire it into the identity and data systems your team already runs.
- 01
We embed an engineer
A Treza forward-deployed engineer works alongside your team to stand up the control plane inside your own environment. Not a slide deck, a working deployment.
- 02
Wire up your stack
We connect your identity provider (SSO / SCIM), your agents, your model providers, and your data sources, so every action is attributed to a real person.
- 03
Go live with full governance
Every agent action lands in a tamper-evident audit log you can stream to your SIEM. Your security and compliance teams own it from day one.
More than a proxy
The AI Control Plane is the first product built on Treza Platform — the same confidential-compute primitives are available to teams who need attested enclaves, key custody, or a control plane of their own.
Drops into the stack you already run
Ship containers you already build, sign for the chains you already use, and call the models you already trust, without changing how your team works.
What teams
build on Treza
Real teams routing AI through Treza today — from healthcare and fintech to autonomous agents, data ops, and identity.
Finance copilots
Copilots that read statements, invoices, and support tickets and call an LLM — without leaking account numbers, SSNs, or card data to the provider.
Autonomous agents
Agents that generate prompts on the fly get an LLM endpoint that can’t exfiltrate customer data, no matter what they send.
Clinical AI
Run models on clinical notes and intake forms. PHI is stripped before the prompt reaches the provider.
Audit-ready AI
Every prompt redacted and logged with a request id. Export a tamper-evident trail for SOC 2 or HIPAA.
Data pipelines
Summarize and classify customer data through LLMs without exposing raw names, emails, or addresses.
KYC workflows
Verify users and screen for risk with LLMs while keeping identity data out of the model. ZK-KYC primitives are available on Treza Platform to prove a check passed without storing the underlying ID.
Common questions
What teams ask before routing their first prompt through Treza.
What is the AI Control Plane?
It’s a managed proxy that sits between your app and any LLM. It strips PII from every prompt before it reaches the provider, logs each request for audit, and keeps your provider key encrypted. Point your existing client at it and you’re redacting in minutes.
Do I have to rewrite my code?
No. Keep the client you already use. Anything that calls an LLM over a base URL works, the OpenAI SDK included. Change the base URL, pass your proxy id in a header, and you’re done. Prefer a native integration? Call the Treza API or SDK directly instead, with no OpenAI-compatible client required.
Which PII does it redact?
Names, emails, phone numbers, addresses, SSNs, credit cards, medical record numbers, dates of birth, account numbers, secrets, and more. You choose which types each proxy strips.
Which model providers work?
Pretty much any model or provider you can reach over a base URL: OpenAI, Anthropic, Azure, Bedrock, your own self-hosted models, or a custom upstream. Your provider key is stored encrypted and never exposed to your agents.
Can I prove what was redacted?
Yes. Every request is logged with an id, the entities removed, and the redaction engine version. Export the audit trail any time for SOC 2, HIPAA, or your own records. Enterprise adds hardware attestation.
How much does it cost?
Start with a 14-day free trial of Pro at $99/mo — 50,000 redaction requests included, then $0.002 per request. Custom policies, multiple providers, and audit export are included. Cancel anytime before the trial ends.
Redact PII before it hits the model.
Point your existing client at Treza, or use our API or SDK, then configure a redaction proxy and start sending requests in minutes. 14-day free trial, no sales call required.