ComparisonPublished June 25, 2026· Last verified July 15, 2026

Kosmoy vs Portkey: AI Gateway and Governance Compared (2026)

Portkey — now part of Palo Alto Networks — is one of the strongest AI gateways on the market. Kosmoy is an AI management platform that happens to include one. Which you need depends on whether your problem is traffic or governance.

Portkey and Kosmoy meet in the same RFPs because both put a policy point between applications and models. They arrive there from opposite directions. Portkey grew from a developer-loved open-source gateway into a control plane for production LLM traffic — routing, cost tracking, guardrails, prompt management — and in May 2026 was acquired by Palo Alto Networks to become the gateway layer of Prisma AIRS. Kosmoy started from the governance problem: an inventory of every AI system a company runs, a gateway to enforce policy on each call, compliance evidence for the auditors, and a sandbox for the agents that act.

This page compares the two honestly, axis by axis, with every Portkey claim cited to Portkey's own documentation. The short version: the specialist owns its spoke; the platform holds the frontier.


Who each product is for

Portkey

Portkey speaks to platform and AI engineering teams first. The open-source gateway (MIT, ~12.4k stars) makes adoption a developer decision, and the paid platform adds the operational layer: request logging with 21+ metrics, budgets and rate limits per key, prompt management, and guardrails with sync blocking. Enterprises can run it as SaaS, hybrid (data plane in their VPC) or fully air-gapped.

Since May 2026 Portkey belongs to Palo Alto Networks, which is folding it into the Prisma AIRS AI-security platform — a signal that its future buyer is increasingly the CISO, though the public roadmap since the acquisition has been quiet.

Kosmoy

Kosmoy speaks to the people accountable for AI as a whole: CTOs, CISOs and AI governance leads in regulated industries. Its unit of work is not the API call but the AI system — each one registered with an owner and a risk tier, observed through the gateway, and, where it acts autonomously, contained in an Action Capsule sandbox.

It is software you run, not a service you send prompts to: single-tenant, in your own Kubernetes, air-gap capable. Italy's central bank and Europe's largest defence group run it in production.


The capability radar

Each spoke is one capability, scored 0–10; the further a point sits from the centre, the stronger the product. Portkey's shape peaks exactly where you would expect — Gateway & Policy Control (9 vs 8) and Observability & FinOps (9 vs 7) both go to Portkey, and its air-gapped enterprise option earns a 9 on sovereignty. Kosmoy's shape is the wider web: inventory, containment and compliance are where the gap runs the other way.

  • Portkey
  • Kosmoy
Portkey vs Kosmoy — capability radarCapability radar comparing Portkey and Kosmoy across ten axes, scored 0 to 10. AI Inventory & Discovery: Portkey 5, Kosmoy 9; Security & Shadow AI: Portkey 4, Kosmoy 8; Observability & FinOps: Portkey 9, Kosmoy 7; Gateway & Policy Control: Portkey 9, Kosmoy 8; Guardrails & Runtime Safety: Portkey 8, Kosmoy 8; Agent Containment: Portkey 4, Kosmoy 9; Compliance & Audit: Portkey 5, Kosmoy 9; Testing, Evals & Red-teaming: Portkey 3, Kosmoy 4; Agent Building: Portkey 2, Kosmoy 6; Deployment Sovereignty: Portkey 9, Kosmoy 10.246810AI Inventory &DiscoverySecurity &Shadow AIObservability &FinOpsGateway &Policy ControlGuardrails &Runtime SafetyAgentContainmentCompliance &AuditTesting, Evals &Red-teamingAgent BuildingDeploymentSovereignty
Capability scores, axis by axis
Capability (0–10)PortkeyKosmoyNotes on Portkey
AI Inventory & Discovery59Model Catalog plus MCP/agent registries — but only for assets routed through Portkey; no outside discovery.
Security & Shadow AI48Gateway-centric controls (RBAC, SSO/SCIM, key management); shadow-AI detection is not documented.
Observability & FinOps97Full logging, 21+ metrics, per-key budgets, OTel and data-lake export — a category leader.
Gateway & Policy Control98The core product: 1,600+ models, 45+ providers, routing, caching, enforced configs.
Guardrails & Runtime Safety8820+ deterministic plus LLM-based checks with sync blocking; advanced detection via partners (Zscaler, Akto, Lasso).
Agent Containment49Policy-level containment (scoped keys, per-user tool access); no sandbox or kill switch documented.
Compliance & Audit59SOC 2 / ISO 27001 / HIPAA certifications and audit logs — but no AI-regulation evidence tooling.
Testing, Evals & Red-teaming34A batch-evals cookbook guide and playground comparisons only.
Agent Building26Governs external agent frameworks; no agent builder of its own.
Deployment Sovereignty910OSS self-host, hybrid VPC, or fully air-gapped enterprise deployment.

Bold marks the highest score on each row. 10 is reserved for categorical architectural facts; specialists are expected to outscore platforms on their own spoke.


Where Portkey wins

Model and provider breadth. One OpenAI-compatible API fronts 250+ LLMs and 1,600+ models across 45+ providers, with retries, fallbacks, load balancing, conditional routing and semantic caching — the most complete routing feature set in the category (Portkey docs).

Request-level observability. Every request is logged with tracing, 21+ analytics metrics and custom metadata; budgets and rate limits attach to individual keys and workspaces; logs export over OpenTelemetry or to a data lake (observability docs). Kosmoy tracks cost, usage and agent traces per model, app and user — solid FinOps, less granular request analytics.

Guardrails ecosystem. Twenty-plus deterministic checks plus LLM-based ones, applied synchronously (blocking) or asynchronously, with partner integrations from Zscaler AI Guard to AWS Bedrock Guardrails (guardrails docs). Kosmoy's guardrails cover the same core categories — PII, toxicity, prompt injection, policy — without the partner marketplace.

Developer adoption path. A free tier, a $49/month Pro plan and an MIT-licensed core mean a single team can adopt Portkey this afternoon. Kosmoy has no self-service tier; procurement runs through an enterprise sales process.

Where Kosmoy wins

Inventory beyond the gateway. Portkey's Model Catalog and registries cover what is routed through Portkey. Kosmoy's four registries also cover what is not: connectors pull agents from Azure AI Foundry, Bedrock, Vertex, Salesforce and ServiceNow into one master list, each entry with an owner and a risk tier. If the question is “what AI do we run?”, only one of these products tries to answer it.

Compliance evidence. Portkey documents SOC 2, ISO 27001 and HIPAA certifications for itself — table stakes for a vendor — but no EU AI Act, ISO/IEC 42001 or NIST AI RMF tooling for its customers (not documented as of July 15, 2026). Kosmoy produces framework-ready evidence bundles from registry state plus gateway logs: one source, every audit.

Agent containment. Portkey's agent gateway controls which skills an agent may call — policy-level containment. Kosmoy's Action Capsule is architectural: each agent, MCP server or private model runs in a kernel-enforced sandbox whose only egress is its paired gateway, with per-task credentials and a kill switch. A hijacked agent reaches only what its gateway allows.

Deployment model as a governance fact. Both offer air-gapped options. The difference is categorical: Kosmoy is only ever single-tenant software in your Kubernetes — there is no vendor-hosted control plane to trust, which is why sovereignty is the one axis scored 10.


Deployment and pricing model

PortkeyKosmoy
Hosting modelSaaS, hybrid (data plane in your VPC) or air-gapped enterpriseSelf-hosted only — single-tenant, your own Kubernetes
Where prompts flowThrough Portkey's cloud on SaaS; stay in your VPC on hybrid/air-gappedNever leave your infrastructure
Control planePortkey-hosted (except air-gapped tier)Runs in your cluster
Open sourceGateway core (MIT); platform proprietaryProprietary
Pricing modelFree dev tier; Pro from $49/mo; enterprise quoteEnterprise subscription; no self-service tier
OwnershipPalo Alto Networks (acquired May 2026)Independent, founder-owned

Last verified July 15, 2026 against each vendor's public documentation.

Running them together

Both products expose an OpenAI-compatible endpoint, so applications move between them by changing a base URL — migration in either direction is configuration, not a rewrite. Some enterprises run both: Portkey as the developer-facing gateway for experimentation, Kosmoy as the system of record — inventory, risk tiers, compliance evidence and containment — for what reaches production. If Portkey's post-acquisition roadmap under Palo Alto Networks changes its packaging, that OpenAI-compatible surface is also the exit path.


Questions buyers ask

Is Kosmoy better than Portkey?

Not on every axis, no. Portkey is the stronger pure gateway — more models, deeper request-level observability, a larger guardrails ecosystem, and a free tier Kosmoy does not offer. Kosmoy is the stronger governance platform: organization-wide AI inventory, EU AI Act and ISO 42001 evidence, and kernel-enforced agent containment, none of which Portkey documents. Teams whose problem is LLM traffic should shortlist Portkey; teams whose problem is proving control over AI should shortlist Kosmoy.

What happened to Portkey after the Palo Alto Networks acquisition?

Palo Alto Networks announced the acquisition on April 30, 2026 and closed it on May 29, 2026, positioning Portkey as the gateway layer of its Prisma AIRS AI-security platform. As of July 2026 the public docs changelog stops at April 2026 and the last open-source gateway release predates the deal, so future packaging and pricing under Palo Alto Networks remain to be seen.

Can Portkey help with EU AI Act compliance?

Portkey provides audit logs, access control and enterprise certifications (SOC 2, ISO 27001, HIPAA), which support a compliance program, but it does not document EU AI Act, ISO/IEC 42001 or NIST AI RMF evidence generation or AI risk classification as of July 15, 2026. Kosmoy generates framework-mapped evidence bundles from its registry and gateway logs — that is a core product difference, not a feature gap.

Which is better for a bank or other regulated enterprise?

Kosmoy, in most cases: it is single-tenant software in the bank's own Kubernetes (including air-gapped), it risk-tiers every AI system in an inventory, and it produces auditor-ready evidence. Portkey's air-gapped enterprise tier addresses data residency, but the compliance and inventory layers would still need to come from somewhere else. Italy's central bank and banking regulator runs Kosmoy in production.

Can I run Portkey and Kosmoy together?

Yes. Both are OpenAI-compatible, so they can chain or serve different populations: Portkey as a developer gateway for fast experimentation, Kosmoy as the governed path to production with inventory, compliance evidence and agent containment. Several Kosmoy prospects arrive already running an open-source gateway and keep it during migration.


See the platform behind the scores

Kosmoy puts an inventory, a policy gateway and a containment sandbox around every AI your teams run — in your own Kubernetes.

Or email sales@kosmoy.com.