Securing AI Traffic: PII Masking, Prompt Guardrails, & Data Sovereignty
As organizations scale LLM adoption, AI traffic quickly becomes both an ungoverned attack surface and an unpredictable cost center. An AI Gateway brings this under control, providing a single control plane for all AI traffic, turning risky LLM usage into transparent and governable. In this lab session, you will work with WSO2 AI Gateway that sits between your applications and LLM service providers, proxying and securing every interaction. We will cover essential and decision making flows such as multi-model routing with intelligent failover so your applications are never tied to a single provider, and key distribution that lets teams consume LLMs without directly holding provider credentials.
On the security front, we explore enterprise-grade guardrails such as prompt validation, PII masking, and content filtering, alongside cost governance through token-level rate limiting, and analytics that give visibility into consumption by usage. We also can apply prompt optimization techniques to reduce redundant calls and enforce consistent behavior across providers.
Finally, we address data sovereignty. The gateway's flexible deployment model allows you to run the data plane on your own infrastructure, ensuring AI traffic and observability data never leave your network boundary.
Speakers
Erandi is a Lead Solutions Engineer in the Solutions Architecture team at WSO2, with around 8 years of experience spanning both engineering and solutions architecture. She has been pivotal in designing and delivering scalable, secure, and high-performing API management, integration and Agentic enterprise solutions across sectors such as fintech, hospitality, government, and education. As a trusted advisor to enterprise clients in North America, Erandi brings a strategic perspective and deep technical insight to help organizations navigate complex architectural challenges and accelerate their digital transformation initiatives.
Pubudu Gunatilaka is a Director at WSO2, where he leads the product architecture for the WSO2 API Platform. With over a decade of experience in API management and cloud-native architectures, he has been instrumental in shaping and advancing WSO2's API management offerings. A recognized thought leader in the field, Pubudu has shared his expertise at leading global conferences such as APIDays, Nordic APIs, Open Source Summit, and Conf42, as well as numerous technology meetups. He is passionate about driving innovation in API management, API gateways, and API security, helping enterprises build scalable, resilient, and future-ready API strategies.