Closed Pilot — Invitation OnlyPOPIA-native · Built for SA enterprisesQ2 2026 cohort open

Stop the ChatGPT paste leak —
without breaking your team's workflows.

Every prompt your team sends to ChatGPT, Claude, Gemini, or any web-based AI is inspected inside the browser, before it leaves the device. Defaults to observe-only for the first 30 days so you see how data actually moves before blocking anything. Context-aware redaction, not keyword spam. Credentials, PII, SA ID numbers and regulated data are handled per your policy. Full POPIA audit trail.

Start free trial See how it worksNo credit card required · Set up in under 10 minutes

Registration

SA (Pty) Ltd

Data residency

Customer-controlled

Regulatory framework

POPIA Act 4 of 2013

Auth standards

SAML 2.0 · OIDC · SCIM 2.0

<1ms

Median scan latency

measured p50 across detector suite

56/56

DLP engine test suite

verified pass rate on internal corpus

Detector classes

enabled by default, all tuneable

10+

AI surfaces covered

browser-native, no vendor API

Interception

Data never leaves the device unredacted.

Inspection happens in-browser, in the same JavaScript context as the AI tool's UI. There is no proxy, no API key, no cloud scanner. The outbound request is modified or blocked locally.

UnprotectedPOST api.openai.com/v1/chat/completions

{
  "messages": [{
    "role": "user",
    "content": "debug this config:
DATABASE_URL=postgresql://admin:s3cretP@ss@db:5432/main
STRIPE_KEY=sk_live_4eC39HqLyjWDarjtT1
AWS_SECRET=wJalrXUtnFEMI/K7MDENG"
  }]
}

Endon-gatedPOST api.openai.com/v1/chat/completions

{
  "messages": [{
    "role": "user",
    "content": "debug this config:
DATABASE_URL=<REDACTED:CONNECTION_STRING>
STRIPE_KEY=<REDACTED:API_KEY>
AWS_SECRET=<REDACTED:AWS_KEY>"
  }]
}

3 secrets redacted · 0.8 ms end-to-end · event written to tenant audit log · no outbound call to Endon

Reference architecture

A diagram you can forward to your network team.

No proxy in the request path. No SaaS to break. No firewall changes required. Endon sits inside the browser tab and reports metadata to a tenant-isolated control plane.

v1 · April 2026

No proxy

Outbound requests go from the browser directly to the AI provider — modified or blocked locally. There is no MITM in the request path.

No prompt content leaves the device

The control plane sees event hashes, detector classes, decisions, and timestamps. Raw prompt text stays in the browser.

SA-resident control plane

Default residency Azure South Africa North or AWS af-south-1. Enterprise customers may select EU, US, or VPC.

High-resolution PDF version available in the security pack · View Trust Center

Detector surface

16 default detectors. Tuneable per organisation.

Rules can be disabled, relaxed, or hardened per department. Custom regex and entropy classes can be added on request during pilot.

Default v1 · Updated 2026-04

Detector	Class	Default severity	Default action
Credit Card (PAN)	Financial	critical	block
API Key / Bearer Token	Secret	critical	block
AWS Access Key	Secret	critical	block
Private Key (PEM)	Secret	critical	block
Database Connection String	Secret	critical	block
JWT	Secret	high	redact
SA ID Number	PII / POPIA	high	redact
SARS Tax Reference	PII / POPIA	high	redact
SA Passport	PII / POPIA	high	redact
SA Bank Account	Financial	high	redact
Medical Aid Number	PII / POPIA	high	redact
Password / Credential	Secret	critical	block
.env File Body	Secret	critical	block
IBAN	Financial	high	redact
Bulk Email List	PII	medium	log
High-Entropy Secret	Heuristic	critical	block

What it does

Not a wrapper. A control plane for the AI prompts your team is already sending.

01 / Prevention

In-browser DLP engine

Every prompt is inspected locally before transmission. 16 detector classes, sub-millisecond latency, zero outbound telemetry from the scanner itself.

02 / Compliance

POPIA-native controls

SA ID, SARS tax, medical aid, and passport detectors run alongside international PII. DSAR tooling, consent log, cross-border transfer ledger.

03 / Visibility

Per-user, per-tool activity

Identify shadow AI usage by department. Drill into individual sessions, per-tool risk scores, and sanctioned vs unsanctioned tool inventory.

04 / Governance

Policy as code

Author rules in a declarative editor. Approve, block, or redact by data class, destination tool, department, or time window. Versioned, audited, reviewable.

05 / Identity

SSO & SCIM

Azure AD, Okta, Google Workspace, OneLogin. SCIM 2.0 for user provisioning. Role-based access with least-privilege defaults.

06 / Deployment

Browser-first, server-backed

MV3 extension for Chromium and Firefox. Central admin console. Managed deployment via group policy. No endpoint agent.

POPIA

Evidence, not assurances.

Every blocked prompt, every redaction, every cross-border transfer is recorded against a tamper-evident audit chain. Export a regulator pack for any date range.

Section 11 · 14 · 23 · 72 covered

§11

Consent

Per-user AI-monitoring consent with timestamped withdrawal.

§14

Retention

Configurable per-class retention; automated purge and anonymisation.

§23

DSAR

30-day deadline tracking, automated data gathering across subsystems.

§72

Cross-border

Ledger of every SA-originating prompt that crosses to US/EU providers.

Coverage

Sensitive data classes blocked out-of-the-box

Credit Card (PAN)API Key / Bearer TokenAWS Access KeyPrivate Key (PEM)Database Connection StringJWTSA ID NumberSARS Tax ReferenceSA PassportSA Bank AccountMedical Aid NumberPassword / Credential.env File BodyIBANBulk Email ListHigh-Entropy Secret

Available nowFree trial · No credit card required

Protect your team in under 10 minutes.

Sign up, install the browser extension across your team, and start enforcing your DLP policy on every prompt your employees send to ChatGPT, Claude, Gemini, and 8 other AI tools. Block, redact, or just monitor — your call. POPIA-grade audit trail from day one.

Stop the ChatGPT paste leak —without breaking your team's workflows.