TrueFoundryがITAR準拠を発表した初のAIゲートウェイに

Built for Speed: ~10ms Latency, Even Under Load
Blazingly fast way to build, track and deploy your models!
- Handles 350+ RPS on just 1 vCPU — no tuning needed
- Production-ready with full enterprise support
As AI adoption accelerates across defense, aerospace, and national security organizations, regulatory compliance is no longer optional - it is foundational. Enterprises building AI systems for sensitive, export-controlled workloads must ensure not just performance and scalability, but strict adherence to regulations like ITAR (International Traffic in Arms Regulations).
TrueFoundry introduces ITAR-compliant AI Gateway deployments, making it possible for defense and aerospace organizations to run regulated AI workloads with full control over data, access, and infrastructure.
This milestone reflects our long-standing commitment to secure, sovereign, and enterprise-grade AI infrastructure especially for teams operating in highly regulated environments.
What Is ITAR and Why It Matters for AI
The International Traffic in Arms Regulations (ITAR) is a U.S. government regulation that governs the access, storage, processing, and transfer of defense-related technical data and systems. Any organization that builds or operates technology connected to defense or military use cases must ensure that regulated data is strictly controlled, auditable, and protected from unauthorized access or export.
As AI becomes deeply embedded in defense and aerospace workflows, ITAR compliance increasingly extends beyond traditional software systems into AI models, prompts, and automated decision-making pipelines.
In modern AI systems, regulated data can surface in multiple places:
- Model inputs such as prompts, documents, or sensor data
- Model outputs and generated responses
- Agent memory, embeddings, and intermediate reasoning steps
- Logs, traces, and observability data generated during inference
Without the right infrastructure, these artifacts may be unintentionally stored, processed, or accessed outside approved environments - creating serious compliance risks.
AI further complicates ITAR compliance because many platforms rely on:
- Shared or multi-tenant SaaS infrastructure
- Vendor-managed control planes
- Cross-border data processing or access
- Automatic model routing and retries with limited visibility
For defense and aerospace organizations, this means ITAR compliance cannot be addressed at the application layer alone. It requires governance at the AI infrastructure and gateway layer, where every model request, response, and agent action can be controlled, audited, and constrained.
As a result, ITAR is no longer just a legal consideration - it has become a core architectural requirement for production AI systems in regulated environments.
The Gap in Existing AI Platforms
Most AI platforms today are optimized for rapid experimentation and developer convenience, not for operating under strict regulatory frameworks like ITAR. While these platforms work well for general-purpose applications, they introduce significant gaps when used for regulated defense and aerospace workloads.
Common limitations include:
- Limited control over where prompts, model outputs, and logs are stored
- Reliance on shared or multi-tenant SaaS infrastructure
- Opaque data flows and vendor-managed control planes
- Inability to enforce access restrictions at the model and gateway level
- Lack of end-to-end auditability across AI requests and agent workflows
In AI-driven systems, regulated data does not live in a single database. It moves through prompts, models, agents, tools, retries, and logs often across multiple services. Without centralized governance, organizations are left to manage compliance through fragmented application-level controls, which are difficult to enforce and even harder to audit.
For ITAR-regulated teams, these gaps create unacceptable risk. Compliance depends on having full visibility, control, and enforcement at the AI infrastructure layer, not just within individual applications.
How TrueFoundry Enables ITAR-Compliant AI Gateways
TrueFoundry’s AI Gateway was designed from the ground up for enterprise control, deployment flexibility, and governance, making ITAR compliance achievable without compromising on modern AI capabilities.
1. Fully Isolated, Customer-Controlled Deployment
TrueFoundry supports on-premises and private VPC deployments, ensuring:
- All AI traffic stays within ITAR-approved infrastructure
- No data leaves customer-controlled environments
- No shared SaaS control planes or multi-tenant data paths
This is critical for ITAR, where data sovereignty and physical control are mandatory.
2. Centralized AI Gateway for All Model Traffic

With TrueFoundry, every AI request flows through a single, governed gateway:
- Prompts
- Model responses
- Agent tool calls
- Retries and fallbacks
- Logs and telemetry
This allows organizations to enforce ITAR policies at the gateway level, rather than relying on fragmented application-level controls.
3. Strict Access Controls and Identity Enforcement
TrueFoundry integrates with enterprise IAM systems to enable:
- Role-based access control (RBAC)
- Environment-level isolation
- Controlled access to models, prompts, and agents
- Alignment with citizenship-based access policies (as required by ITAR)
This ensures that only authorized personnel can access regulated AI workflows.
4. Auditability, Logging, and Traceability

ITAR compliance requires provable controls, not just promises.
TrueFoundry provides:
- End-to-end audit logs for AI requests
- Traceability across prompts, agents, and workflows
- Clear attribution of usage and access
- Support for compliance audits and internal reviews
Every AI interaction becomes observable, traceable, and reviewable.
5. モデル非依存のポリシー駆動型ルーティング
組織は以下のような厳格なポリシーを適用できます。
- ITARワークロードで利用可能なモデル
- 必要に応じて外部SaaSモデルを無効化する
- 自己ホスト型または承認済みプロバイダーのみにルーティングする
- 非準拠モデルへのフォールバックを防止する
これにより、隠れた再試行やデフォルトのルーティング動作によって引き起こされる偶発的な違反を回避できます。
防衛・航空宇宙チームにおける重要性
ITAR準拠のAIゲートウェイをサポートすることで、TrueFoundryはチームが以下のことを可能にします。
- 防衛の研究開発および運用向けにAIを安全に展開する
- 規制リスクなしに最新のLLMとエージェントワークフローを使用する
- データ、モデル、インフラストラクチャを完全に制御する
- 自信を持ってコンプライアンスレビューに合格する
- 規制の進化に合わせてAIシステムの将来性を確保する
これは特に重要です。 AIエージェント、ツール呼び出し、自律型ワークフローが ミッションクリティカルなシステムの中核となるためです。
ITARを超えて:規制AIのためのより広範なビジョン
ITAR準拠は単発の機能ではなく、より広範な戦略の一部です。
TrueFoundryはすでに、以下のようなエンタープライズグレードのコンプライアンス要件をサポートしています。
- SOC 2
- HIPAA
- データの所在および地理的要件
- プライベートクラウドおよびエアギャップ環境でのデプロイ
目標はシンプルです。 規制に準拠した、プロダクショングレードのAIを妥協することなく利用可能にする.
今後の展望
AIシステムがミッションクリティカルな運用に近づくにつれて、コンプライアンスはもはや二次的な懸念事項として扱われるべきではありません。早期に行われるインフラの選択が、AIデプロイメントが規模を拡大しても管理可能であるかを決定します。
TrueFoundryはITAR準拠のAIゲートウェイをサポートすることで、組織が今日の規制要件を満たしつつ、将来の標準や管理にも適応できるAIシステムを構築することを可能にします。
TrueFoundry AI Gateway delivers ~3–4 ms latency, handles 350+ RPS on 1 vCPU, scales horizontally with ease, and is production-ready, while LiteLLM suffers from high latency, struggles beyond moderate RPS, lacks built-in scaling, and is best for light or prototype workloads.
The fastest way to build, govern and scale your AI












.webp)




.png)








.webp)
.webp)








