BricksAI🔐: A simple OpenAI access manager for enterprises

BricksAI helps enterprises develop LLM apps more securely

Tl;dr: BricksAI helps enterprises develop LLM apps more securely. We do this through an access manager that can set a spend limit, rate limit and expiration date on individual API keys.

The Problem: OpenAI does not provide enterprise-level security features

“You wouldn’t believe how many organizations are building OpenAI wrappers.”

- A machine learning director at a unicorn startup.

OpenAI does not have enterprise-level security features. A lot of companies need to build enhanced security features on top of what OpenAI offers before they can use it.

“We simply assign each team an OpenAI key”

- A senior engineer working at a public fintech company.

Developing OpenAI applications often means that developers have to share OpenAI key credentials with each other to speed up development.

There are several risks and drawbacks associated with this approach:

  • Increased likelihood of security breaches: more than 50% of breaches happen due to shared secrets
  • No cost visibility: no way of knowing what makes up a $20k OpenAI bill
  • No access control: no source of truth for OpenAI access
  • Degraded production performance: OpenAI has an organization-level rate limit. One team’s experimentation with OpenAI could impact the performance of production OpenAI applications if not properly rate limited.

Azure OpenAI service helps fill some of the gaps but this product is simply not available to users of GCP and AWS for competitive reasons.

The Solution: A self-hosted OpenAI access manager

BricksAI checks all requests between your applications and different LLMs. We ensure every call is authorized and does not exceed any traffic or cost limits.

You can create a custom API key with a rate limit, spend limit, and expiration date, either programmatically or through our UI.

Then use the API key to access an LLM like you normally would. When a key reaches its limit (e.g. has expired), our gateway blocks your requests.
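
A minimal sketch of the per-key checks described above (expiration, rate limit, spend limit), added here as an illustration; it is not BricksAI's code. The `KeyPolicy` and `Gateway` names, their fields, the reason strings and the sample key are assumptions.

```python
import time
from collections import deque
from dataclasses import dataclass, field

@dataclass
class KeyPolicy:
    """Limits attached to one issued key (hypothetical schema, not BricksAI's)."""
    expires_at: float          # Unix timestamp at which the key stops working
    max_requests_per_min: int  # rate limit
    max_spend_usd: float       # cumulative spend limit
    spent_usd: float = 0.0
    recent: deque = field(default_factory=deque)  # timestamps of admitted calls

class Gateway:
    def __init__(self):
        self.policies = {}  # issued key -> KeyPolicy; the provider key stays server-side

    def authorize(self, key, est_cost_usd, now=None):
        """Return (allowed, reason). Unknown keys are denied (fail closed)."""
        now = time.time() if now is None else now
        p = self.policies.get(key)
        if p is None:
            return False, "unknown_key"
        if now >= p.expires_at:
            return False, "expired"
        # Sliding 60-second window: drop timestamps that have aged out.
        while p.recent and now - p.recent[0] >= 60:
            p.recent.popleft()
        if len(p.recent) >= p.max_requests_per_min:
            return False, "rate_limited"
        if p.spent_usd + est_cost_usd > p.max_spend_usd:
            return False, "spend_limit"
        p.recent.append(now)
        return True, "ok"

    def record_cost(self, key, actual_cost_usd):
        """Charge the key once the upstream call reports its real usage."""
        self.policies[key].spent_usd += actual_cost_usd

def demo():
    gw = Gateway()
    # Constructed sample key and limits: 2 requests/min, $1.00 total, expires at t=1000.
    gw.policies["team-a-key"] = KeyPolicy(1000.0, 2, 1.00)
    results = [gw.authorize("team-a-key", 0.40, now=t)[1] for t in (0, 1, 2)]
    gw.record_cost("team-a-key", 0.80)
    results.append(gw.authorize("team-a-key", 0.40, now=70)[1])
    results.append(gw.authorize("team-a-key", 0.10, now=1000)[1])
    results.append(gw.authorize("unissued-key", 0.10, now=5)[1])
    return results
```

Because applications hold only the issued key, blocking or expiring it never requires rotating the underlying provider credential.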

In addition, our enterprise offering includes:

  • SSO: SSO integration
  • Dashboard: Dashboard view of the keys created
  • Analytics: Analytics on usage and cost by team and service
  • Access Control: Access control over who can view and create keys

Who are we?

Spike (on the right) was a senior software engineer at Unity for three years. He worked on an internal API gateway used by hundreds of developers.

Donovan (on the left) was a software engineer at Credit Suisse, building internal tools dealing with financial instruments used by institutional investors.

While working on our previous AI-powered Figma-to-code idea, we realized that developing applications using OpenAI credentials is easy to get started with but poses huge security risks. After constantly hearing news about leaked OpenAI keys, we were inspired to create a solution that helps make OpenAI development safer at enterprises.

Interested in learning more?