LiteLLM, the creator of a prominent AI gateway utilized by countless developers, has openly declared its decision to sever ties with compliance firm Delve. The company further stated its intention to re-obtain security accreditations through a different firm and an independent auditor. This disclosure emerges in the wake of LiteLLM’s open-source version succumbing to dreadful credential-harvesting malware last week.
Before this event, LiteLLM had secured two security adherence attestations, having engaged the services of AI compliance startup Delve. These validations are designed to confirm that an organization maintains established protocols aimed at minimizing potential incidents.
Delve faces accusations of deceiving its clientele regarding their true adherence, reportedly by fabricating data and employing auditors who uncritically approved their findings. The founder of Delve has, however, refuted these claims, offering complimentary re-evaluations and inspections to its entire client base. This refutation prompted the unidentified Delve informant to intensify their efforts, disseminating purported receipts over the past weekend.
This past Monday, Ishaan Jaffer, LiteLLM’s CTO, announced on the platform X that his firm intends to engage Vanta, a rival of Delve, for re-certification. Furthermore, the company plans to procure its own impartial, external auditor to validate its adherence mechanisms. Subsequent to a challenging week, LiteLLM is clearly demonstrating its decision through action.
{content}
Source: {feed_title}