EU-sovereign · Evidence-grade · Self-hostable

Control what your AI sends. Prove what happened.

Talon helps European teams put enforceable controls in front of LLM apps, AI agents, and vendor AI workflows. Route traffic through Talon, enforce PII, cost, model, provider, sovereignty, and tool policy, then export signed evidence for customer, security, DPO, and auditor reviews.

Change one URL
Control provider-boundary traffic
Keep governance evidence self-hosted
Export signed records for review

$ talon audit list
ID          CALLER        PII           COST(€)  DECISION
evt_a1b2c3  support-bot   email(1)      0.003    allowed
evt_d4e5f6  hr-bot        iban(2)       0.000    blocked:pii
evt_x9y0z1  ops-agent     none          0.000    blocked:tool

$ talon audit verify evt_a1b2c3
✓ Evidence signature VALID

EU-sovereign egress · PII and content controls · Pre-spend cost caps · Tool governance · Signed evidence exports

Why Talon

Security and compliance teams need evidence they can defend.

Talon sits in the request path so policy is enforced before provider access. Each decision can be tied to caller, tenant, policy, PII findings, model, provider, cost, hashes, and signature.

🔐

Protect sensitive data before egress

Scan input and output, classify sensitivity, redact or block PII, and keep evidence of what was detected.

🇪🇺

Control provider and region choices

Use EU strict, EU preferred, or global modes with provider metadata and evidence showing why traffic was allowed or denied.

🧾

Export evidence, not screenshots

Every decision produces HMAC-signed evidence that can be inspected, exported, and verified with talon audit verify.
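The following is an added example, not Talon's code or record format: it shows how an HMAC over a decision record makes later edits detectable. The field names, the canonical JSON encoding, the HMAC-SHA256 choice, and the key are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed key for this example; a real deployment keeps the signing key in a secret store.
SIGNING_KEY = b"example-key-not-a-real-secret"

def canonical(record: dict) -> bytes:
    """Serialize deterministically so signer and verifier hash identical bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")

def sign(record: dict, key: bytes) -> dict:
    """Return a copy of the record with an HMAC-SHA256 signature attached."""
    body = {k: v for k, v in record.items() if k != "signature"}
    sig = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return {**body, "signature": sig}

def verify(signed: dict, key: bytes) -> bool:
    """Recompute the HMAC over every field except the signature; compare in constant time."""
    sig = signed.get("signature")
    if not isinstance(sig, str):
        return False  # unsigned or malformed record never verifies
    body = {k: v for k, v in signed.items() if k != "signature"}
    expected = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sig)

def sample_record() -> dict:
    # Constructed sample; the prompt is stored as a hash so the evidence holds no PII.
    prompt = "My email is jan@example.com"
    return {
        "id": "evt_example",
        "caller": "support-bot",
        "tenant": "acme",
        "policy": "default",
        "pii": {"email": 1},
        "model": "gpt-4o-mini",
        "provider": "openai",
        "cost_eur": 0.003,
        "decision": "allowed",
        "input_sha256": hashlib.sha256(prompt.encode()).hexdigest(),
    }

if __name__ == "__main__":
    signed = sign(sample_record(), SIGNING_KEY)
    print("untampered:", verify(signed, SIGNING_KEY))
    tampered = {**signed, "decision": "blocked:pii"}
    print("tampered:", verify(tampered, SIGNING_KEY))
```

HMAC is symmetric, so whoever verifies a record must hold the same key that signed it.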

Evaluate in minutes

Run a governed request and verify the evidence.

The no-key Docker demo shows the core user journey: send a normal OpenAI-compatible request, detect PII, record a policy decision, attribute cost, inspect the evidence, and verify the signature.

git clone https://github.com/dativo-io/talon
cd talon/examples/docker-compose
docker compose up

curl -X POST http://localhost:8080/v1/proxy/openai/v1/chat/completions \
  -H "Content-Type: application/json" \
  -d '{"model":"gpt-4o-mini","messages":[{"role":"user","content":"My email is jan@example.com and my IBAN is DE89370400440532013000."}]}'

docker compose exec talon talon audit list
docker compose exec talon talon audit verify req_a1b2c3d4

Deployment model

Add Talon without rebuilding your AI stack.

Your app keeps the same SDK. Point it at Talon, authenticate with a Talon caller key, and let Talon inject the approved provider credential from its vault.

App or agent: Slack bot, LangGraph, OpenClaw, internal app, vendor workflow
Talon Gateway: PII · policy · cost · sovereignty · tools · evidence
Approved provider: OpenAI · Anthropic · Azure OpenAI · Bedrock · Mistral · Ollama

export OPENAI_BASE_URL=http://127.0.0.1:8080/v1/proxy/openai/v1
export OPENAI_API_KEY=<talon-caller-key>
talon audit export --format json

talon report --tenant acme

talon audit verify <evidence-id>

Controls

What Talon helps you prove.

Use Talon when the AI governance conversation moves from policy documents to operational evidence.

🧾

Evidence and compliance exports

Signed evidence records, audit list/show/verify, CSV and JSON export, and report summaries for review packages.

🔐

PII and content controls

EU-focused recognizers such as IBAN, VAT IDs, national IDs, email, phone, card, passport, and IP, with warn/redact/block modes.

💶

Pre-spend cost governance

Per-caller budgets and cost attribution evaluated before the request is forwarded, not only after spend is logged.

🇪🇺

EU-sovereign routing

Provider jurisdiction metadata, EU regions, and routing modes that can allow, deny, or prefer providers based on sovereignty posture.

🛠️

Tool and MCP governance

Govern exposed tools and MCP/proxy traffic with allowlists, blocklists, policy checks, and evidence records.

📊

Operational visibility

Dashboard, metrics API, OTel, costs, PII breakdowns, blocked decisions, and budget utilization — with evidence as the source of truth.

Choose by need

Use Talon when proof of governed AI traffic matters.

Talon is designed for EU teams that need provider-boundary controls and signed evidence. It can also complement tool classes focused on AI operations or in-process agent action governance.

| Need | Suggested path | Why |
| --- | --- | --- |
| EU-sovereign AI traffic controls, PII policy, cost caps, and signed evidence exports | Start with Talon | Talon is built for provider-boundary governance and review-ready evidence. |
| Deep in-process tool/action governance for a new agent system | Evaluate agent governance toolkits | Action-level governance belongs inside the agent runtime. |
| Both action governance and provider-boundary evidence | Use both layers | One controls what agents can do; the other proves what traffic crossed the boundary. |
| Only masking sensitive strings in prompts | PII proxy may be enough | Useful narrow control, but not enough when evidence, routing, tools, and spend matter. |

Start with one workflow

Put Talon in front of AI traffic you already run.

Choose one workflow with customer data, regulated data, model spend, or agent tools. Route it through Talon, inspect the policy decision, and verify the signed evidence.