Head-to-headPublished July 16, 2026· Last verified July 16, 2026

Portkey vs LiteLLM (2026): AI Gateways Compared — and Where Kosmoy Fits

Portkey and LiteLLM are the two AI gateways most teams shortlist first — one a managed control plane, the other an open-source proxy. Here is how they differ, and where each stops being a gateway question.

Portkey and LiteLLM solve the same first problem: put one OpenAI-compatible endpoint in front of every model provider, so applications stop hard-coding vendors. They solve it from opposite ends. LiteLLM is an open-source proxy you run and own; Portkey is a managed control plane (now part of Palo Alto Networks) that layers observability, guardrails and prompt management on top of the gateway.

This page compares the two on the capability axes that matter, with every claim cited to each vendor's own documentation. It then does something a straight head-to-head cannot: it asks what happens when the requirement grows past the gateway — inventory, compliance evidence, agent containment — which is where a full AI management platform like Kosmoy enters the frame.


Who each product is for

Portkey

Portkey speaks to platform teams that want the gateway problem solved without operating it: a managed control plane with request logging (21+ metrics), budgets per key, a guardrails library and prompt management, spanning SaaS, hybrid and air-gapped deployments. Its open-source gateway core (MIT, ~12.4k stars) makes adoption easy; the platform monetizes the operational layer.

Since May 2026 it belongs to Palo Alto Networks, folded into Prisma AIRS — enterprise security distribution, with a quieter public roadmap since.

LiteLLM

LiteLLM speaks to engineers who want to own the gateway: an MIT-licensed proxy and SDK fronting 100+ providers, self-hosted anywhere including air-gapped, with spend tracking, budgets, an MCP gateway and a fast-moving community (weekly releases).

It is the default when the team is comfortable operating infrastructure and wants zero licence cost and maximum control.


Portkey vs LiteLLM vs Kosmoy — the capability radar

Three shapes on the same ten axes. Portkey (orange) and LiteLLM (violet) both peak on Gateway & Policy Control and cluster low on the governance axes — that is the gateway category's signature. Kosmoy (blue) trades a little raw gateway breadth for reach across inventory, compliance and agent containment. Read it as area: the two gateways compete on one spoke; the suite covers the web.

  • Portkey
  • LiteLLM
  • Kosmoy
Portkey vs LiteLLM vs Kosmoy — capability radarCapability radar comparing Portkey, LiteLLM and Kosmoy across ten axes, scored 0 to 10. AI Inventory & Discovery: Portkey 5, LiteLLM 4, Kosmoy 9; Security & Shadow AI: Portkey 4, LiteLLM 3, Kosmoy 8; Observability & FinOps: Portkey 9, LiteLLM 8, Kosmoy 7; Gateway & Policy Control: Portkey 9, LiteLLM 9, Kosmoy 8; Guardrails & Runtime Safety: Portkey 8, LiteLLM 6, Kosmoy 8; Agent Containment: Portkey 4, LiteLLM 3, Kosmoy 9; Compliance & Audit: Portkey 5, LiteLLM 4, Kosmoy 9; Testing, Evals & Red-teaming: Portkey 3, LiteLLM 1, Kosmoy 4; Agent Building: Portkey 2, LiteLLM 4, Kosmoy 6; Deployment Sovereignty: Portkey 9, LiteLLM 9, Kosmoy 10.246810AI Inventory &DiscoverySecurity &Shadow AIObservability &FinOpsGateway &Policy ControlGuardrails &Runtime SafetyAgentContainmentCompliance &AuditTesting, Evals &Red-teamingAgent BuildingDeploymentSovereignty
Capability scores, axis by axis
Capability (0–10)PortkeyLiteLLMKosmoy
AI Inventory & Discovery549
Security & Shadow AI438
Observability & FinOps987
Gateway & Policy Control998
Guardrails & Runtime Safety868
Agent Containment439
Compliance & Audit549
Testing, Evals & Red-teaming314
Agent Building246
Deployment Sovereignty9910

Bold marks the highest score on each row. 10 is reserved for categorical architectural facts; specialists are expected to outscore platforms on their own spoke.


Where Portkey wins

Managed depth. Portkey ships request-level observability (21+ metrics), a guardrails library with synchronous blocking, and a prompt-management studio LiteLLM does not match natively (Portkey observability).

Model breadth. One API to 250+ LLMs and 1,600+ models across 45+ providers, versus LiteLLM's 100+.

A managed control plane. SaaS and hybrid options mean no infrastructure to operate for the team that would rather not — plus a documented air-gapped tier for those who must.

Where LiteLLM wins

Cost and ownership. LiteLLM's core is free and MIT-licensed; there is no per-request meter and no vendor to depend on. For high-volume or budget-constrained teams that is decisive.

Community and velocity. A large open-source community (~53k+ stars) and weekly releases outpace any single vendor's cadence, and the most mature open-source MCP gateway lives here.

Roadmap independence. LiteLLM's direction is community-driven; Portkey's is now set inside Palo Alto Networks, and its public docs changelog has been quiet since April 2026.


Where Kosmoy fits

The specialist owns its spoke; the platform holds the frontier

Both Portkey and LiteLLM answer “how do we route and govern model traffic?” Neither answers “what AI are we running, is it compliant, and what happens when an agent misbehaves?” Those are different questions, and in a regulated enterprise they arrive together.

Kosmoy includes the gateway both products are — one OpenAI-compatible policy point with guardrails, RBAC, budgets and logging — but wraps it in the other three layers a gateway leaves out: a risk-tiered inventory of every model, MCP server and agent (including a master agent registry that pulls from Foundry, Bedrock, Vertex, Salesforce and ServiceNow); EU AI Act, ISO 42001 (aligned) and NIST AI RMF evidence from registry state plus gateway logs; and kernel-enforced Action Capsule containment for agents that act.

So the honest framing is not “Kosmoy beats Portkey and LiteLLM at being a gateway” — they are excellent gateways. It is that a gateway is one spoke. If the requirement is the whole web — inventory, gateway, compliance and containment in one self-hosted platform — that is a suite decision, not a gateway decision.

CapabilityCapabilityPortkeyLiteLLMKosmoy
OpenAI-compatible multi-provider gateway
Guardrails in the request pathPartial — via integrations
Request observability / FinOpsBasic (spend, budgets)
Org-wide AI inventory (beyond the gateway)
Master agent registry (Foundry/Bedrock/Vertex/…)
EU AI Act / ISO 42001 / NIST evidence
Kernel-enforced agent containment
Self-hosted / air-gappedEnterprise tier
Open-source coreGateway only (MIT)MIT
Pricing modelFree tier; Pro; enterprise quoteFree (OSS); enterprise licenceEnterprise subscription

Last verified July 16, 2026 against each vendor's public documentation.


Which should you choose?

For a team whose problem genuinely is model traffic, pick on the axis that matters: LiteLLM to own it open-source, Portkey to have it managed with depth. Both are OpenAI-compatible, so switching later is a base-URL change.

For an enterprise that has to prove control over all of its AI — not just route it — the choice is not between these two gateways but between a point tool and a suite. Kosmoy can also sit in front of either: some teams keep an open-source gateway for experimentation while Kosmoy holds the inventory, compliance evidence and containment for what reaches production.


Questions buyers ask

Is Portkey or LiteLLM better?

Neither is universally better — they optimize for different things. LiteLLM is a free, open-source proxy you host and control, ideal for teams comfortable operating infrastructure and wanting zero licence cost. Portkey is a managed control plane with deeper observability, guardrails and prompt management, and model breadth (1,600+), ideal for teams that would rather not run the gateway themselves. Portkey is now owned by Palo Alto Networks; LiteLLM remains independent and community-driven.

Can I migrate from LiteLLM to Portkey or vice versa?

Yes — both expose an OpenAI-compatible endpoint, so moving between them is largely a base-URL and key change rather than an application rewrite. The harder migration is configuration and observability history, not the API surface. The same OpenAI compatibility lets either sit behind a broader platform like Kosmoy.

Do Portkey or LiteLLM handle EU AI Act compliance?

Not as products. Both provide logs and access controls that support a compliance program, but neither documents EU AI Act, ISO 42001 or NIST AI RMF evidence generation or AI risk classification as of July 15, 2026. That evidence layer is a governance-platform capability — Kosmoy generates it from its registries and gateway logs.

Where does Kosmoy fit against Portkey and LiteLLM?

Kosmoy includes the same OpenAI-compatible gateway both provide, but it is one layer of a full AI management platform: organization-wide inventory, compliance evidence, and kernel-enforced agent containment sit alongside it. If your requirement is only model routing, Portkey or LiteLLM is the lighter answer; if it is proving control over all your AI in your own infrastructure, that is a suite decision.


Sources

Every factual claim about another vendor on this page traces to that vendor's own published material or a named third-party source below.

  1. Portkey open-source gateway repository — accessed July 15, 2026
  2. LiteLLM repository (BerriAI) — accessed July 15, 2026
  3. Kosmoy AI Gateway — accessed July 15, 2026
  4. Portkey docs — what is Portkey — accessed July 15, 2026
  5. Portkey docs — plan & feature comparison (SaaS / hybrid / air-gapped) — accessed July 15, 2026
  6. Portkey docs — observability — accessed July 15, 2026
  7. Portkey docs — guardrails — accessed July 15, 2026
  8. Portkey docs — MCP gateway — accessed July 15, 2026
  9. Portkey pricing — accessed July 15, 2026
  10. Palo Alto Networks press release — Portkey acquisition completed (May 29, 2026) — accessed July 15, 2026
  11. LiteLLM README (100+ providers, MCP/A2A, performance claims) — accessed July 15, 2026
  12. LiteLLM enterprise docs (features, SLAs, air-gap, pricing by quote) — accessed July 15, 2026
  13. LiteLLM release notes index (2026 releases) — accessed July 15, 2026
  14. Rust migration announcement (issue #31263, June 25, 2026) — accessed July 15, 2026
  15. Guardrail policy templates (incl. offline/air-gapped mode) — accessed July 15, 2026
  16. MCP deployment docs (registry, exposure controls, air-gap guidance) — accessed July 15, 2026
  17. litellm-agent-runtime (per-session VM coding-agent runtime) — accessed July 15, 2026

One suite instead of two point tools

Kosmoy puts an inventory, a policy gateway, compliance evidence and a containment sandbox around every AI your teams run — in your own Kubernetes.

Or email sales@kosmoy.com.