LiteLLM cuts ties with Delve amid controversy

LiteLLM, widely used by developers to access and manage multiple AI models, has announced that it is ending its association with Delve following recent controversy surrounding the compliance firm. The company said it will pursue new security certifications through alternative providers.

The decision comes shortly after LiteLLM’s open-source project was compromised by credential-stealing malware, an incident that quickly gained attention across the developer community. Before the breach, LiteLLM had secured two compliance certifications with the help of Delve, which specialises in automating processes required to meet security standards and regulatory frameworks.

These certifications are generally intended to demonstrate that a company has established procedures and safeguards designed to reduce the likelihood of security incidents. However, recent allegations against Delve have raised questions about the reliability of those assurances.

The compliance startup has been accused of misleading customers by allegedly producing fabricated data and relying on auditors who approved reports without sufficient scrutiny. Delve has denied the claims, with its founder offering free re-evaluations and audits to customers in response to the allegations. Despite that response, the situation intensified after an anonymous whistleblower reiterated the accusations and shared what they described as supporting evidence, including additional materials released over the weekend.

Against this backdrop, LiteLLM has opted to move forward independently. On Monday, LiteLLM CTO Ishaan Jaffer announced that the company will work with Vanta, a competitor in the compliance space, to obtain new certifications. In addition, LiteLLM plans to engage an independent third-party auditor to verify its compliance processes.

The move reflects a broader effort by LiteLLM to rebuild trust following the security incident and to ensure that its compliance credentials are backed by more rigorous and transparent verification. After a week marked by both a high-profile security breach and growing scrutiny of its previous compliance partner, LiteLLM’s decision signals a clear shift in approach as it seeks to strengthen its security posture and restore confidence among its users.