LiteLLM is great and all, but what about security?
Genuine question, not a dunk.
We're trying to roll out LiteLLM company-wide, and security is blocking it. Their worry is that it's a single component holding keys to every provider, sitting in the path of all our prompt data, with audit logging that isn't where they need it for compliance. I get it, that's a juicy target.
For those in regulated environments (health, finance, gov): did you actually get LiteLLM approved, and what did it take? Self-hosting only? Custom audit logging? A wrapper around the wrapper? Or did the review push you to something else entirely?
Trying to work out if this is a "configure it right" problem or a "wrong tool for this context" problem.