Kosmoy vs Portkey: AI Gateway and Governance Compared (2026)
Portkey — now part of Palo Alto Networks — is one of the strongest AI gateways on the market. Kosmoy is an AI management platform that happens to include one. Which you need depends on whether your problem is traffic or governance.
Portkey and Kosmoy meet in the same RFPs because both put a policy point between applications and models. They arrive there from opposite directions. Portkey grew from a developer-loved open-source gateway into a control plane for production LLM traffic — routing, cost tracking, guardrails, prompt management — and in May 2026 was acquired by Palo Alto Networks to become the gateway layer of Prisma AIRS. Kosmoy started from the governance problem: an inventory of every AI system a company runs, a gateway to enforce policy on each call, compliance evidence for the auditors, and a sandbox for the agents that act.
This page compares the two honestly, axis by axis, with every Portkey claim cited to Portkey's own documentation. The short version: the specialist owns its spoke; the platform holds the frontier.
Who each product is for
Portkey
Portkey speaks to platform and AI engineering teams first. The open-source gateway (MIT, ~12.4k stars) makes adoption a developer decision, and the paid platform adds the operational layer: request logging with 21+ metrics, budgets and rate limits per key, prompt management, and guardrails with sync blocking. Enterprises can run it as SaaS, hybrid (data plane in their VPC) or fully air-gapped.
Since May 2026 Portkey belongs to Palo Alto Networks, which is folding it into the Prisma AIRS AI-security platform — a signal that its future buyer is increasingly the CISO, though the public roadmap since the acquisition has been quiet.
Kosmoy
Kosmoy speaks to the people accountable for AI as a whole: CTOs, CISOs and AI governance leads in regulated industries. Its unit of work is not the API call but the AI system — each one registered with an owner and a risk tier, observed through the gateway, and, where it acts autonomously, contained in an Action Capsule sandbox.
It is software you run, not a service you send prompts to: single-tenant, in your own Kubernetes, air-gap capable. Italy's central bank and Europe's largest defence group run it in production.
The capability radar
Each spoke is one capability, scored 0–10; the further a point sits from the centre, the stronger the product. Portkey's shape peaks exactly where you would expect — Gateway & Policy Control (9 vs 8) and Observability & FinOps (9 vs 7) both go to Portkey, and its air-gapped enterprise option earns a 9 on sovereignty. Kosmoy's shape is the wider web: inventory, containment and compliance are where the gap runs the other way.
- Portkey
- Kosmoy
| Capability (0–10) | Portkey | Kosmoy | Notes on Portkey |
|---|---|---|---|
| AI Inventory & Discovery | 5 | 9 | Model Catalog plus MCP/agent registries — but only for assets routed through Portkey; no outside discovery. |
| Security & Shadow AI | 4 | 8 | Gateway-centric controls (RBAC, SSO/SCIM, key management); shadow-AI detection is not documented. |
| Observability & FinOps | 9 | 7 | Full logging, 21+ metrics, per-key budgets, OTel and data-lake export — a category leader. |
| Gateway & Policy Control | 9 | 8 | The core product: 1,600+ models, 45+ providers, routing, caching, enforced configs. |
| Guardrails & Runtime Safety | 8 | 8 | 20+ deterministic plus LLM-based checks with sync blocking; advanced detection via partners (Zscaler, Akto, Lasso). |
| Agent Containment | 4 | 9 | Policy-level containment (scoped keys, per-user tool access); no sandbox or kill switch documented. |
| Compliance & Audit | 5 | 9 | SOC 2 / ISO 27001 / HIPAA certifications and audit logs — but no AI-regulation evidence tooling. |
| Testing, Evals & Red-teaming | 3 | 4 | A batch-evals cookbook guide and playground comparisons only. |
| Agent Building | 2 | 6 | Governs external agent frameworks; no agent builder of its own. |
| Deployment Sovereignty | 9 | 10 | OSS self-host, hybrid VPC, or fully air-gapped enterprise deployment. |
Bold marks the highest score on each row. 10 is reserved for categorical architectural facts; specialists are expected to outscore platforms on their own spoke.
Where Portkey wins
Model and provider breadth. One OpenAI-compatible API fronts 250+ LLMs and 1,600+ models across 45+ providers, with retries, fallbacks, load balancing, conditional routing and semantic caching — the most complete routing feature set in the category (Portkey docs).
Request-level observability. Every request is logged with tracing, 21+ analytics metrics and custom metadata; budgets and rate limits attach to individual keys and workspaces; logs export over OpenTelemetry or to a data lake (observability docs). Kosmoy tracks cost, usage and agent traces per model, app and user — solid FinOps, less granular request analytics.
Guardrails ecosystem. Twenty-plus deterministic checks plus LLM-based ones, applied synchronously (blocking) or asynchronously, with partner integrations from Zscaler AI Guard to AWS Bedrock Guardrails (guardrails docs). Kosmoy's guardrails cover the same core categories — PII, toxicity, prompt injection, policy — without the partner marketplace.
Developer adoption path. A free tier, a $49/month Pro plan and an MIT-licensed core mean a single team can adopt Portkey this afternoon. Kosmoy has no self-service tier; procurement runs through an enterprise sales process.
Where Kosmoy wins
Inventory beyond the gateway. Portkey's Model Catalog and registries cover what is routed through Portkey. Kosmoy's four registries also cover what is not: connectors pull agents from Azure AI Foundry, Bedrock, Vertex, Salesforce and ServiceNow into one master list, each entry with an owner and a risk tier. If the question is “what AI do we run?”, only one of these products tries to answer it.
Compliance evidence. Portkey documents SOC 2, ISO 27001 and HIPAA certifications for itself — table stakes for a vendor — but no EU AI Act, ISO/IEC 42001 or NIST AI RMF tooling for its customers (not documented as of July 15, 2026). Kosmoy produces framework-ready evidence bundles from registry state plus gateway logs: one source, every audit.
Agent containment. Portkey's agent gateway controls which skills an agent may call — policy-level containment. Kosmoy's Action Capsule is architectural: each agent, MCP server or private model runs in a kernel-enforced sandbox whose only egress is its paired gateway, with per-task credentials and a kill switch. A hijacked agent reaches only what its gateway allows.
Deployment model as a governance fact. Both offer air-gapped options. The difference is categorical: Kosmoy is only ever single-tenant software in your Kubernetes — there is no vendor-hosted control plane to trust, which is why sovereignty is the one axis scored 10.
Deployment and pricing model
| Portkey | Kosmoy | |
|---|---|---|
| Hosting model | SaaS, hybrid (data plane in your VPC) or air-gapped enterprise | Self-hosted only — single-tenant, your own Kubernetes |
| Where prompts flow | Through Portkey's cloud on SaaS; stay in your VPC on hybrid/air-gapped | Never leave your infrastructure |
| Control plane | Portkey-hosted (except air-gapped tier) | Runs in your cluster |
| Open source | Gateway core (MIT); platform proprietary | Proprietary |
| Pricing model | Free dev tier; Pro from $49/mo; enterprise quote | Enterprise subscription; no self-service tier |
| Ownership | Palo Alto Networks (acquired May 2026) | Independent, founder-owned |
Last verified July 15, 2026 against each vendor's public documentation.
Running them together
Both products expose an OpenAI-compatible endpoint, so applications move between them by changing a base URL — migration in either direction is configuration, not a rewrite. Some enterprises run both: Portkey as the developer-facing gateway for experimentation, Kosmoy as the system of record — inventory, risk tiers, compliance evidence and containment — for what reaches production. If Portkey's post-acquisition roadmap under Palo Alto Networks changes its packaging, that OpenAI-compatible surface is also the exit path.
Questions buyers ask
Is Kosmoy better than Portkey?
Not on every axis, no. Portkey is the stronger pure gateway — more models, deeper request-level observability, a larger guardrails ecosystem, and a free tier Kosmoy does not offer. Kosmoy is the stronger governance platform: organization-wide AI inventory, EU AI Act and ISO 42001 evidence, and kernel-enforced agent containment, none of which Portkey documents. Teams whose problem is LLM traffic should shortlist Portkey; teams whose problem is proving control over AI should shortlist Kosmoy.
What happened to Portkey after the Palo Alto Networks acquisition?
Palo Alto Networks announced the acquisition on April 30, 2026 and closed it on May 29, 2026, positioning Portkey as the gateway layer of its Prisma AIRS AI-security platform. As of July 2026 the public docs changelog stops at April 2026 and the last open-source gateway release predates the deal, so future packaging and pricing under Palo Alto Networks remain to be seen.
Can Portkey help with EU AI Act compliance?
Portkey provides audit logs, access control and enterprise certifications (SOC 2, ISO 27001, HIPAA), which support a compliance program, but it does not document EU AI Act, ISO/IEC 42001 or NIST AI RMF evidence generation or AI risk classification as of July 15, 2026. Kosmoy generates framework-mapped evidence bundles from its registry and gateway logs — that is a core product difference, not a feature gap.
Which is better for a bank or other regulated enterprise?
Kosmoy, in most cases: it is single-tenant software in the bank's own Kubernetes (including air-gapped), it risk-tiers every AI system in an inventory, and it produces auditor-ready evidence. Portkey's air-gapped enterprise tier addresses data residency, but the compliance and inventory layers would still need to come from somewhere else. Italy's central bank and banking regulator runs Kosmoy in production.
Can I run Portkey and Kosmoy together?
Yes. Both are OpenAI-compatible, so they can chain or serve different populations: Portkey as a developer gateway for fast experimentation, Kosmoy as the governed path to production with inventory, compliance evidence and agent containment. Several Kosmoy prospects arrive already running an open-source gateway and keep it during migration.
Sources
Every factual claim about another vendor on this page traces to that vendor's own published material or a named third-party source below.
- Kosmoy AI Gateway — accessed July 15, 2026
- Kosmoy Action Capsule — accessed July 15, 2026
- Palo Alto Networks press release — intent to acquire Portkey (April 30, 2026) — accessed July 15, 2026
- Portkey open-source gateway repository — accessed July 15, 2026
- Portkey docs — what is Portkey — accessed July 15, 2026
- Portkey docs — plan & feature comparison (SaaS / hybrid / air-gapped) — accessed July 15, 2026
- Portkey docs — observability — accessed July 15, 2026
- Portkey docs — guardrails — accessed July 15, 2026
- Portkey docs — MCP gateway — accessed July 15, 2026
- Portkey pricing — accessed July 15, 2026
- Palo Alto Networks press release — Portkey acquisition completed (May 29, 2026) — accessed July 15, 2026
See the platform behind the scores
Kosmoy puts an inventory, a policy gateway and a containment sandbox around every AI your teams run — in your own Kubernetes.
Or email sales@kosmoy.com.