LiteLLM, a popular AI gateway startup, has announced it is ditching compliance startup Delve after a malware incident. Delve has been accused of misleading customers about their true compliance.
Key Takeaways
- LiteLLM is redoing its security certifications with a new company after ditching Delve
- Delve has been accused of generating fake data and using auditors that rubber-stamp their reports
- LiteLLM will use Delve competitor Vanta to re-certify and find an independent third-party auditor
In This Article
- The State of AI Security
- The Delve Controversy
- LiteLLM's Response to the Incident
- The Future of AI Security
The State of AI Security
AI security is a growing concern for many companies.
- LiteLLM's open source version fell victim to credential-stealing malware last week, highlighting the need for robust security measures
- Security compliance certifications are crucial for verifying that a company has procedures in place to minimize potential incidents
- Delve's alleged misconduct has raised questions about the effectiveness of these certifications
This is part of our commitment to being the most secure and transparent AI Gateway possible
— Ishaan (@ishaan_jaff) March 30, 2026
CC @GergelyOrosz @derekelewis @Julie188 since you all originally posted about our SOC-2 just wanted to share an update from our side and that we heard the feedback
The Delve Controversy
Delve has been accused of misleading its customers.
- Delve has been accused of generating fake data and using auditors that rubber-stamp their reports, which has led to a loss of trust in the company
- The founder of Delve has denied these allegations and offered free re-tests and audits to all of its customers
- Despite this, an anonymous whistleblower has released alleged receipts that appear to support the claims of misconduct
LiteLLM's Response to the Incident
LiteLLM has taken steps to address the incident.
- LiteLLM CTO Ishaan Jaffer announced that the company will be using Delve competitor Vanta to re-certify and find an independent third-party auditor
- This move is a vote of confidence in Vanta's ability to provide robust security certifications
- LiteLLM's decision to ditch Delve is a significant blow to the company's reputation
The Future of AI Security
The incident has implications for the future of AI security.
- The incident highlights the need for greater transparency in the AI security industry
- Companies must be vigilant in ensuring that their security certifications are legitimate and effective
- The use of independent third-party auditors is crucial in maintaining trust in the industry
Final Thoughts
The incident is a reminder of the importance of robust security measures in the AI industry. For more news and analysis on AI and technology, visit logicity.in
Sources & Credits
Manaal Khan
Tech & Innovation Writer
Produced with AI assistance and reviewed by the Logicity editorial team. Learn more in our Editorial Policy.
