Gateco logo
ContactGet Started
Blog/rag

rag

4 posts

reference architecturearchitecturesecurityragengineering

Pre-Retrieval vs Post-Retrieval Authorization

A RAG pipeline can enforce access inside the vector query or in the app after results return. Each has a distinct failure mode. Here is what breaks.

June 21, 2026·7 min read
reference architectureragsecurityengineering

How to Enforce Document-Level Permissions in Enterprise RAG

Embeddings throw away the permissions your source systems already track. Here is the recipe to carry document-level permissions into a RAG pipeline.

June 20, 2026·8 min read
reference architectureragengineeringproduct

Adding Gateco to a LangChain or LlamaIndex RAG Pipeline

Gateco is not a RAG framework. It is the authorization layer you insert at the retrieval step of LangChain or LlamaIndex. Here is where it goes, and why.

June 19, 2026·6 min read
securityragarchitecture

The RAG Security Gap: Similarity Is Not Authorization

Vector databases retrieve by embedding similarity. They don't know who's asking or check permissions. That is the RAG security gap, and it is wide.

March 10, 2025·6 min read
← All posts
Gateco

Permission-Aware Retrieval for AI Systems

<25ms p95 policy-layer overhead•Fail-closed by default
Get Started, Free
Available onAzure Marketplace

Product

  • Features
  • Pricing
  • Integrations
  • Architecture
  • MCP Server

Solutions

  • For Security Teams
  • Customers
  • EU AI Act

Compare

  • All comparisons
  • vs Cerbos
  • vs pgvector RLS
  • vs Microsoft Purview
  • vs Glean
  • vs Pinecone RBAC
  • vs Oso
  • vs OPA / Rego
  • Build vs buy

Resources

  • Documentation
  • SDKs
  • Guides
  • Blog
  • Videos
  • Changelog
  • Roadmap
  • Design Partners
  • About

Compliance

  • Security
  • Trust Center
  • SOC 2
  • GDPR
  • HIPAA
  • EU AI Act
  • Privacy Policy
  • Terms of Service

© 2026 Gateco. All rights reserved.

security@gateco.aienterprise@gateco.ai