How AiEGIS Works — Privacy By Design

Endpoint sensor → customer infrastructure → customer dashboard. Three components, one architectural rule: customer data never touches AiEGIS Ltd.

01

Architecture diagram

Employee Laptop sends encrypted log stream to Customer's Cloud / VPC. Endpoint runs network proxy (detects AI API calls, captures prompt+response+tool calls). Browser extension catches Chrome/Firefox chatbot UI usage. Customer Cloud runs AiEGIS Dashboard (Docker) with search, real-time alerts, audit log export, policy engine. AiEGIS Ltd cloud sees only license validity + software updates. NOT prompts, responses, customer data.

02

Endpoint sensor

Captures: outbound network requests to AI vendor APIs.

Vendor coverage roadmap (v1 target, Q3 2026 alpha for design-partner pilots): OpenAI, Anthropic, Google, Microsoft Copilot, Perplexity, Cursor, Cohere.

Per-call data: prompt, response, model, tool calls, latency, status, employee ID.

Does NOT: capture personal user content, decrypt non-AI traffic, run as root, modify packets.

Footprint (design target): <2% CPU, <50MB RAM, <100kbps bandwidth. v1 measurements published in pilot agreements.

Platforms: macOS Endpoint Security framework + Network Extension; Windows Filtering Platform driver; Linux eBPF (no kernel module).

03

Browser extension

Captures: prompts + responses inside chat interfaces of chat.openai.com, claude.ai, copilot.microsoft.com, gemini.google.com.

Why separate: web AI uses TLS to vendor cloud — endpoint sensor sees TLS handshake but not plaintext. Browser extension sees plaintext at DOM level.

Privacy-first: only runs on configured AI domains. Browsing other sites never inspected.

04

Customer-owned dashboard

Deployed where customer chooses:

  • Single-tenant SaaS — we manage in customer's AWS/GCP/Azure account (we never have access)
  • On-premises — Docker / Kubernetes in customer's data center

Stack: PostgreSQL + Python backend + React UI. Open-source components, audit-friendly.

Features:

  • Live feed of AI activity per employee
  • Search by employee, model, data classification
  • Real-time alerts on policy violations (PII pasted into ChatGPT, prompt injection patterns)
  • Audit-grade export (CSV, PDF, JSON) for EU AI Act compliance
  • Role-based access (CISO sees all, manager sees their team only)
  • Optional integration with SIEM (Splunk, Sentinel, Crowdstrike Falcon)

Data ownership: every byte in customer infra. AiEGIS Ltd has no copy, no access, no key.

05

What AiEGIS Ltd actually sees

Minimum required to maintain the service:

  • Software version / update status
  • License key validity
  • Aggregate health metrics (alive yes/no, last heartbeat)
  • Anonymous error reports (no customer data, no employee identifiers)

That's it. We sell software. Customer owns data.

06

EU AI Act compliance

ArticleWhat it requiresWhat AiEGIS provides
9Risk managementPer-AI-call risk classification
10Data governanceWhat data went where
11Technical documentationSystem architecture exposed
12Record-keepingPer-employee per-call log
13TransparencyDisclosure-ready audit reports
14Human oversightReal-time policy enforcement
15RobustnessAnomaly detection on AI behavior
50AI disclosureDetection of synthetic / model-generated outputs
72Post-market monitoringContinuous behavioral baseline

Penalties for non-compliance: up to 7% of global revenue. Article 50 transparency enforcement: August 2 2026. Articles 9-15, 72 (high-risk): December 2 2027.

07

Roadmap (what v1 doesn't cover yet)

We're transparent about scope. v1 covers approximately 80% of typical enterprise AI usage. The remaining 20% is on the v2 roadmap (3-6 months post-pilot):

  • Plugin / tool-call telemetry — ChatGPT plugins, Claude tools, Cursor agents calling external tools. v1 captures the LLM call but not always the tool-call payload.
  • Embedding endpoints — text-embedding-ada, Voyage, Cohere embeddings. We currently catch chat completion APIs; embedding APIs need additional enumeration.
  • Local LLM (no network egress) — Ollama, llama.cpp, LM Studio running on localhost. We're researching syscall + model-file detection for v2.
  • Mobile apps — ChatGPT iOS/Android. Requires separate mobile MDM integration, planned for v2.
  • Voice input — Apple Voice → ChatGPT voice mode. We see the API call but not always the spoken prompt content.
  • IDE plugin telemetry — Copilot in VSCode, Cursor, Windsurf. Some captured by endpoint network proxy; deeper IDE integration v2.

If your CISO use-case requires any of these for v1, talk to us — we can scope a custom integration in design-partner agreements.

08

Get started