Runlayer vs. Portkey: Enterprise AI Control Plane vs. LLM Gateway

Runlayer is a full enterprise AI control plane: security scanning, shadow AI detection, Skills, Plugins, and Agents across 18,000+ servers and 300+ AI clients. Portkey is an LLMOps platform with an AI gateway that routes requests across 1,600+ LLMs, plus observability, guardrails, prompt management, and a recently launched MCP Gateway add-on. The core difference is what each product was built to govern. Portkey governs LLM requests: routing, retries, fallbacks, cost tracking, and prompt-level guardrails across model providers. Runlayer governs the full agentic stack: which MCP servers exist in your org, which ones are safe, who can use them, what Skills and Plugins run on top of them, and what agents are deployed. Portkey is infrastructure for model calls. Runlayer is infrastructure for everything that happens after the model decides to use a tool. ## What Portkey Does Well Portkey is a strong LLMOps platform with real production traction. It processes over 10 billion LLM tokens daily across 24,000+ organizations and raised $18M total ($15M Series A led by Elevation Capital in February 2026, with Lightspeed as a returning investor). Named customers include Postman and Snorkel AI. The AI gateway is Portkey's core product. It routes requests across 1,600+ LLMs (OpenAI, Anthropic, Mistral, Google Gemini, Cohere, Bedrock, Azure OpenAI, and more) through a unified API with sub-1ms latency overhead. It provides automatic retries, fallbacks, load balancing, conditional routing, semantic caching, and cost tracking. The gateway is open source (10,200+ GitHub stars) and can be self-hosted or run in Portkey's cloud. Portkey also provides 60+ guardrails (PII redaction, jailbreak detection, content filtering, output validation), prompt management with versioning, and observability dashboards with latency, cost, and token analytics. The enterprise tier adds RBAC, SSO/SCIM, VPC deployment, and SOC 2 Type II, ISO 27001, HIPAA, and GDPR compliance. In January 2026, Portkey launched an MCP Gateway that adds authentication, access control, and observability for MCP server connections. It partners with Lasso Security for threat detection at the MCP protocol level. These are genuine strengths. For teams that need to manage LLM routing, cost optimization, and prompt-level guardrails across multiple providers, Portkey is one of the best options available. ## What Runlayer Is Runlayer is one platform to run MCPs, Skills, and Agents. Four products cover the full enterprise AI lifecycle. **Runlayer Platform** is the enterprise AI control plane. It includes 18,000+ MCP servers in the catalog (each scanned before approval), 200+ pre-built connectors, a Skills and Plugins registry for non-engineers to create reusable AI capabilities without code, and an Agents Factory for building, deploying, and governing autonomous agents with managed identities. **Runlayer Watch** discovers every unauthorized MCP server, OpenClaw install, and Skill running across an organization's devices. No other platform offers this. **Runlayer Guard** runs proprietary non-LLM threat detection models with 99% ROC-AUC, 95.6% accuracy, and 50-100ms inference latency. **Runlayer Embed** is a headless API for embedding the Runlayer catalog into any surface. Runlayer's named customers include Gusto (3,000+ knowledge workers, 0 to 1,500 daily AI users in 90 days), Jane App (100% org-wide adoption in 2 weeks), Instacart, Opendoor, dbt Labs, and Homebase. David Soria Parra, co-creator of MCP at Anthropic, is an investor and technical advisor. Travis McPeak, Head of Security at Cursor, is an investor. Runlayer raised $11M from Khosla Ventures and Felicis, is SOC 2 Type II, GDPR, and HIPAA certified, and is a founding sponsor of the Linux Foundation's Agentic AI Foundation alongside Anthropic, OpenAI, Google, AWS, and Microsoft. ## Runlayer vs. Portkey: Shadow AI Detection Portkey's MCP Gateway governs MCP traffic that routes through its gateway. If an MCP server is registered in Portkey and agents connect through the gateway endpoint, every tool call is authenticated, logged, and policy-checked. But Portkey does not discover which MCP servers are running across an organization's devices. If a developer downloads an MCP server from GitHub, configures it locally in Cursor, and connects it to a production database without routing through Portkey, the gateway has no visibility. The connection is invisible. Runlayer Watch solves this. It deploys through existing MDM tools (Rippling, Jamf, Intune, Kandji) with no additional on-device agent required. It scans devices for MCP server configurations across all AI clients. Two modes: **Detect** (discover and report) and **Enforce** (block unauthorized servers, redirect to the approved catalog). Gusto discovered 800 shadow MCP servers on day one of deploying Watch. Jane App enforces a zero-tolerance policy: no connectors are allowed outside of Runlayer. Approximately 10% of MCP servers in the wild are malicious (Runlayer internal scanning data). A gateway that only governs traffic routed through it doesn't address the shadow MCP problem. Watch operates at the endpoint, so it catches everything regardless of how it was configured. ## Runlayer vs. Portkey: Security and Threat Detection Portkey provides 60+ guardrails that operate at the LLM request level: PII redaction, jailbreak detection, content filtering, output validation, and integration with Palo Alto Networks Prisma AIRS for runtime security. Its MCP Gateway partnership with Lasso Security adds threat detection at the MCP protocol level. These are prompt-level and request-level controls. They catch harmful inputs and outputs flowing through the model. They do not analyze MCP servers themselves for embedded exploits, nor do they detect when an agent's tool calls drift outside the user's intent. Runlayer Guard operates at the tool-call level with proprietary non-LLM models purpose-built for MCP attack vectors. The IO Guard Model achieves 99% ROC-AUC and 95.6% accuracy with an 80% reduction in false positive blocks at 50-100ms inference latency. It detects tool poisoning, tool shadowing, data exfiltration, PII leakage, hidden character injection, prompt injection, command injection, and rug pulls. Guard also includes patented semantic alignment detection (US Provisional 63/984,897). This catches when an agent's tool calls drift outside the user's stated intent, even when individual calls look benign. An agent asked to "summarize Q4 revenue" that starts writing to an external webhook will pass prompt-level guardrails (the output looks fine) but fail semantic alignment at the tool-call level. No other platform, including Portkey, detects this class of threat. Portkey secures the model layer. Runlayer secures the tool layer. Both matter. Only one platform does both. ## Runlayer vs. Portkey: Catalog and MCP Server Management Runlayer's catalog includes 18,000+ MCP servers and 200+ pre-built connectors. Each server is scanned for vulnerabilities, data leaks, and permission drift before approval. New releases are automatically analyzed. Developers install in one click, no JSON config, no procurement delays. Portkey's MCP Gateway lets organizations register and manage their own MCP servers behind a unified gateway endpoint. It includes an MCP Registry for tracking and versioning servers. But Portkey does not provide a pre-vetted catalog of thousands of servers. Organizations using Portkey need to source, vet, and maintain their own MCP servers. The difference matters at scale. When an organization has hundreds of engineers discovering and connecting to MCP servers across the 18,000+ server ecosystem, a continuously scanned catalog with one-click deployment is the difference between controlled adoption and shadow AI sprawl. ## Runlayer vs. Portkey: Skills, Plugins, and Agents This is where the "LLM gateway vs. AI control plane" distinction becomes concrete. Portkey does not offer Skills, Plugins, or native agent deployment. It integrates with agent frameworks (LangChain, CrewAI, OpenAI Agents SDK, LlamaIndex) and routes their model calls through the gateway. That's useful for observability and cost tracking. But Portkey doesn't provide an environment for building, distributing, or managing agents, Skills, or Plugins. Runlayer lets organizations build Skills (markdown-based instruction files that non-engineers create without code), bundle Skills and connectors into Plugins for distribution across the org, and deploy Agents with managed identities, semantic alignment detection, scheduling, and webhook triggers. At Jane App, non-engineers created 15+ Skills without writing code. The marketing team automated SEO workflows across Notion, Google Search Console, and Ahrefs. At Gusto, knowledge workers across all functions build AI-driven workflows. Mike Wittig, Gusto's CIO: "Runlayer enables us to conversationally interact with every single SaaS platform that represents all the work that we do in one place." Every agent in Runlayer gets an Agent Account with On-Behalf-Of (OBO) token exchange, authenticating through the same IdP as human users. Per-agent PBAC policies auto-sync when connectors are linked or unlinked. The Agents Registry provides org-wide discovery and governance of every deployed agent. ## Runlayer vs. Portkey: Are They Complementary? Yes, partially. They operate at different layers of the stack. Portkey governs how applications call LLMs: routing, retries, cost optimization, prompt-level guardrails. Runlayer governs what happens when those LLMs use tools: which MCP servers are approved, whether they're safe, what Skills and Plugins are available, and what agents are deployed across the org. An organization could use Portkey as the LLM gateway (routing model calls, managing costs, applying prompt-level guardrails) and Runlayer as the MCP control plane (managing the tool layer, scanning for threats, detecting shadow AI, and deploying Skills and Agents). They serve different surfaces. In practice, organizations that need Runlayer's scope often don't need Portkey's MCP Gateway separately, because Runlayer already governs the MCP layer end-to-end. But Portkey's LLM routing, cost tracking, and prompt management remain valuable alongside Runlayer for teams managing multi-provider model infrastructure. ## Runlayer vs. Portkey: Feature Comparison Runlayer vs. Portkey: Feature Comparison Feature Runlayer Portkey Primary Function Enterprise AI control plane LLM gateway and LLMOps platform MCP Server Catalog 18,000+ servers, continuously scanned MCP Registry (bring your own servers) Pre-built Connectors 200+ Not provided (MCP Gateway routes to registered servers) LLM Routing Not provided (model-agnostic) 1,600+ LLMs with fallbacks, load balancing, retries Endpoint Security Shadow AI detection integrated with any MDM, no additional on-device agent required Not supported Threat Detection Guard: 99% ROC-AUC, 95.6% accuracy, 50-100ms 60+ prompt-level guardrails, Lasso Security partnership for MCP Semantic Alignment Detection Patented (US Provisional 63/984,897) Not supported Skills and Plugins Registry with GitHub sync, no-code creation Not supported Native Agent Deployment Agents Factory with managed identities (OBO) Not supported (integrates with external agent frameworks) Prompt Management Not provided Versioning, playground, A/B testing Cost Tracking Not provided Per-model, per-team, per-app cost analytics Observability Scope Every local and hosted MCP, skill, plugin across AI clients LLM request logs, traces, latency, cost Deployment VPC (single-tenant), cloud, Terraform/Helm SaaS, hybrid (data plane in VPC), self-hosted Compliance SOC 2 Type II, GDPR, HIPAA SOC 2 Type II, ISO 27001, GDPR, HIPAA Named Customers Gusto, Jane App, Instacart, Opendoor, dbt Labs, Homebase Postman, Snorkel AI ## When to Use Portkey Portkey is a strong choice for teams that need to manage LLM infrastructure at scale. It is a good fit when your primary challenge is routing, reliability, and cost optimization across multiple LLM providers, you need prompt-level guardrails (PII redaction, jailbreak detection, content filtering) applied uniformly across all model calls, you want observability into LLM latency, token usage, and cost per team or application, or you need an open-source gateway you can self-host and extend. Portkey processes over 10 billion tokens daily and has proven itself as production LLM infrastructure. For teams building AI applications where the model call is the critical path, Portkey provides real operational value. ## When to Use Runlayer Runlayer is the right choice when you need the full agentic stack: MCP governance, shadow AI detection, active threat detection at the tool-call level, and the ability to build and deploy Skills, Plugins, and Agents natively. Gusto went from 0 to 1,500 daily AI users in 90 days and discovered 800 shadow MCP servers on day one with Watch. Jane App reached 100% org-wide adoption in 2 weeks with a zero-tolerance shadow AI policy and 15+ Skills created by non-engineers. These deployments required more than LLM routing. They required a platform that covers security, discovery, governance, enablement, and adoption for the tool layer. If your organization is deploying AI agents that interact with production systems through MCP, and you need to govern every connection across hundreds or thousands of knowledge workers, Runlayer is designed for that. ‍