Popular AI gateway startup LiteLLM ditches controversial startup Delve

LiteLLM, makers of a popular AI gateway used by millions of developers, has

publicly announced

that it is ditching compliance startup Delve and will redo its security certifications with another company and auditor. The announcement comes after LiteLLM’s open source version fell victim to some horrific

credential-stealing malware

last week.

Prior to the incident, LiteLLM had obtained two security compliance certifications by hiring AI compliance startup Delve. Such certifications are intended to verify that a company has procedures in place to minimize potential incidents.

Delve has been

accused of misleading its customers about their true compliance

by allegedly generating fake data and using auditors that rubber-stamped their reports. Delve’s founder has

denied those allegations

and offered free re-tests and audits to all of its customers. That denial encouraged the anonymous Delve whistleblower to double down,

including releasing alleged receipts over the weekend.

On Monday, LiteLLM CTO Ishaan Jaffer

posted

on X that his company will be using Delve competitor Vanta to re-certify and will find its own, independent third-party auditor to verify its compliance controls. After such a harsh week, LiteLLM is voting with its feet.