LiteLLM, a prominent AI gateway provider, has decided to part ways with compliance startup Delve following a recent security incident involving credential-stealing malware. Prior to this development, LiteLLM had engaged Delve to secure two essential security compliance certifications, which are crucial for validating a company’s adherence to established security protocols.
However, Delve has faced allegations of providing misleading compliance information to its clients, with claims of falsified data and questionable auditing practices. Despite the founder’s denial of these accusations and the offer of free re-tests and audits, a whistleblower has emerged to further challenge Delve’s credibility, even sharing purported evidence.
In response to these events, LiteLLM’s CTO, Ishaan Jaffer, announced the company’s decision to switch to Vanta, a competitor of Delve, for the recertification process. Additionally, LiteLLM will engage an independent third-party auditor to validate its compliance controls, signaling a proactive approach to address the recent security setbacks.
This strategic shift by LiteLLM underscores the critical importance of robust security measures in the tech industry, especially within the realm of AI and compliance.
Source: TechCrunch