5 min read · Gateco Team

Introducing Gateco: Permission-Aware Retrieval for AI Systems

AI agents are increasingly accessing organizational knowledge through vector databases. But vector databases have no concept of authorization — they retrieve by semantic similarity alone. This gap puts sensitive data at risk.

Gateco is a permission-aware retrieval layer that enforces access policies at retrieval time. It connects to 9 vector databases (pgvector, Pinecone, Qdrant, Weaviate, Milvus, Chroma, OpenSearch, Supabase, and Neon) and provides deny-by-default retrieval enforcement.

The core workflow is straightforward: connect your vector database, define policies (RBAC or ABAC), and every retrieval is automatically checked. Outcomes are classified as Allowed, Partial (some results filtered), or Denied. Every decision is recorded in an immutable audit log with 25 event types.

We designed Gateco around three principles. First, it's not a vector database or a RAG framework — it's the security layer that sits between your existing components. Second, deny-by-default means no data is returned without an explicit policy match. Third, auditability is built in from the start, not bolted on.
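A minimal sketch of the deny-by-default flow and the Allowed / Partial / Denied classification described above, added here as an illustration; it is not Gateco's code or API. The `Chunk` type, the `POLICY` table, the `enforce` function, the one-label-per-chunk model and the hash-chained audit records are assumptions of this example, and the sample hits are constructed.

```python
import hashlib
import json
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Chunk:
    doc_id: str
    label: Optional[str]  # access label set at ingestion; None = never labelled
    score: float          # similarity score from the vector search

# Hypothetical RBAC policy: role -> labels it may read. Nothing else is readable.
POLICY = {"engineer": {"public", "engineering"}, "hr": {"public", "hr"}}

def enforce(principal, roles, candidates, audit_log):
    """Filter vector-search hits by policy; return (outcome, permitted chunks)."""
    readable = set()
    for role in roles:
        readable |= POLICY.get(role, set())  # unknown role grants nothing
    # Deny by default: a chunk passes only on an explicit label match, so
    # unlabelled chunks (label None) are dropped along with forbidden ones.
    permitted = [c for c in candidates if c.label in readable]
    if candidates and len(permitted) == len(candidates):
        outcome = "Allowed"
    elif permitted:
        outcome = "Partial"
    else:
        outcome = "Denied"  # includes the empty-result case in this sketch
    entry = {
        "principal": principal, "roles": sorted(roles), "outcome": outcome,
        "returned": [c.doc_id for c in permitted],
        "filtered": [c.doc_id for c in candidates if c not in permitted],
        "prev": audit_log[-1]["hash"] if audit_log else None,
    }
    # Chain each record to the previous one so later edits are detectable
    # (an assumption of this sketch, one way to get tamper evidence).
    entry["hash"] = hashlib.sha256(
        json.dumps(entry, sort_keys=True).encode()).hexdigest()
    audit_log.append(entry)
    return outcome, permitted

# Constructed sample hits, as a similarity search might return them.
HITS = [
    Chunk("handbook-01", "public", 0.91),
    Chunk("salary-bands", "hr", 0.89),
    Chunk("design-doc-7", "engineering", 0.84),
    Chunk("legacy-import", None, 0.80),
]
```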

Gateco is available today with a free tier (100 retrievals/month, 1 connector) and Pro ($89/month) and Enterprise ($599/month) plans for teams that need ABAC policies, Policy Studio, Access Simulator, SIEM integration, and more.

