APERION Launches SmartFlow, a Secure, On-Premises Alternative to Compromised Cloud AI Gateways

via Business Wire

With LiteLLM Supply Chain Attack Impacting 36% of Cloud Environments, APERION Sees 200% Traffic Surge

APERION (formerly LangSmart), the enterprise AI governance company, today announced the launch of the SmartFlow SDK, providing a secure, on-premises path for enterprises migrating away from compromised cloud-based AI gateways. The launch coincides with a 200% increase in web traffic since the March 24 LiteLLM supply chain attack that compromised an estimated 36% of all cloud environments.

LiteLLM was the victim of a supply chain attack in which the threat actor group TeamPCP compromised the most widely used open-source LLM proxy in the Python ecosystem through a cascading breach of Aqua Security’s Trivy vulnerability scanner. The compromise has forced enterprises across financial services, healthcare, and defense to urgently reassess their AI infrastructure dependencies. The entire LiteLLM package, with approximately 95 million monthly downloads, remains quarantined on the Python Package Index.

APERION’s flagship product, SmartFlow, is an on-premises, Kubernetes-native AI governance control plane that was architecturally unaffected by the incident. SmartFlow is deployed as a software appliance behind the enterprise firewall, with no dependency on public package registries, no cloud data transit, and no external CI/CD pipelines in the customer deployment path.

“The LiteLLM supply chain attack is the AI era’s SolarWinds or NotPetya moment. It validates what we have been building toward since day one: regulated enterprises cannot govern their AI from the cloud,” said Craig Alberino, CEO and Co-Founder of APERION. “In the week since the breach, we have seen a 200% increase in web traffic from enterprises searching for LiteLLM alternatives and AI gateway security. These are not startups. These are institutions that define what production-grade means in financial services and healthcare. AI governance infrastructure is an estimated $40 to $50 billion market opportunity, and enterprises are now making purchasing decisions based on deployment model and supply chain security, not just features.”

SmartFlow is in production with paying enterprise customers including DDA, the leading AI-powered commercial real estate investment due diligence platform, which has achieved 99.999% uptime over four months of continuous operation. Active evaluations are underway at multiple Fortune 500 institutions in financial services. The company holds 22 patent positions covering enterprise AI governance, sovereign model deployment, and autonomous AI control plane architecture.

The SmartFlow SDK, also released this week, is a Python library providing enterprise developers an immediate path from evaluation to production-grade AI governance. The SDK detects whether a SmartFlow appliance is available and configures accordingly: full enterprise features with an appliance, or a standalone software gateway with feature parity to LiteLLM and OpenRouter without one. APERION has also published a migration whitepaper for organizations transitioning from compromised or discontinued AI gateway dependencies.

“The March 2026 supply chain attack was not an anomaly. LiteLLM had 17 or more CVEs before this incident,” said Scott Ancheta, CTO and Co-Founder of APERION. “When your AI governance layer depends on a public package registry and an unaudited CI/CD pipeline, you are not running enterprise-grade infrastructure. SmartFlow was built from the ground up as a governed appliance because we understood that the deployment model is the security model. Our Rust-based infrastructure delivers sub-5 millisecond routing overhead and our MetaCache semantic caching achieves 55% to 75% hit rates at p95 latency on production hardware. These are published, verifiable benchmarks from NVIDIA GTC 2026.”

Key Facts:

SmartFlow is deployed on-premises as a Kubernetes-native software appliance, storing zero customer data by design. The platform integrates with enterprise identity providers including Entra ID, LDAP, SAML, and OIDC for per-user audit trails and compliance-ready reporting. SmartFlow’s no-code policy engine maps to EU AI Act, NIST AI RMF, FINRA, SEC, OCC, and HIPAA requirements. The company estimates the AI governance infrastructure market at $40 to $50 billion, representing 5% to 15% governance capture of overall AI infrastructure spend.

About APERION

APERION (formerly LangSmart) builds SmartFlow, the on-premises AI governance control plane for regulated industries. Founded on the principle of AI Sovereignty, APERION delivers governance, security, and compliance that runs inside the enterprise, under enterprise control, with no data ever leaving the network perimeter. For more information, visit aperion.ai.

"The most widely used open-source LLM proxy just got supply-chain attacked. 36% of cloud environments affected. SmartFlow was unaffected. The deployment model is the security model." — Craig Alberino, CEO, APERION
