PolicyDrift

PolicyDrift is a web app (with optional CLI) that continuously detects and prevents “policy drift” across API gateways and management layers. Teams often think their rate limits, auth rules, CORS, headers, and logging policies are consistent across environments, but they aren’t—especially after hotfixes, incident changes, or multiple gateway products. PolicyDrift connects to common gateways (e.g., Kong, Apigee, AWS API Gateway) and pulls live configs on a schedule. It normalizes them into a single policy model, highlights differences across dev/stage/prod, and enforces guardrails via approval workflows and automated pull requests to your config repo. It also runs pre-deploy checks to block releases that would weaken security or break contract requirements. This is not a full API management replacement; it’s a focused compliance and reliability layer that sits on top of what you already use.