The Core Question: How Do You See Encrypted Traffic?
This is the right question to ask before deploying any endpoint monitoring tool. Modern AI platforms (ChatGPT, Claude, Copilot, Gemini) all use HTTPS, which encrypts traffic in transit. Here is exactly how AiEGIS captures prompts and responses through that encryption.
AiEGIS does not break or intercept HTTPS at the network level. Instead, it hooks into the application layer — specifically the browser's JavaScript execution environment and native app APIs — where the content is decrypted before it is displayed to the user. The sensor reads at the point where the content is plaintext, not in transit.
Capture Methods
AiEGIS uses three capture methods depending on the deployment environment. Enterprise security teams should evaluate which methods are active in their deployment.
Browser Extension Hook
A browser extension (Chrome, Firefox, Edge) injects a content script into AI platform pages. The script reads prompt and response content from the page DOM after the browser has decrypted the HTTPS response. No TLS interception. No certificate manipulation.
Local Proxy (Optional)
For enterprise deployments requiring full API-level capture (including native apps), a localhost proxy can be configured with a company-issued CA certificate. Requires explicit deployment by IT with employee notice (Art. 26.7).
Native App API Hooks
For Copilot and enterprise SSO-integrated tools, AiEGIS can hook the native app's API client library. In scope for v0.6.
How Browser Extension Capture Works — Step by Step
The browser loads the page normally over HTTPS. The TLS connection is entirely standard — no interception, no custom certificates.
The AiEGIS browser extension's content script is loaded into the page context. It is scoped to the specific AI platform domains listed in the extension manifest (e.g., chatgpt.com, claude.ai).
The content script intercepts the prompt before it is sent — from the input field value, or by observing the fetch/XHR request body through the page's JavaScript context. At this point the content is plaintext.
/api/protect with the prompt
The extension sends the prompt to the local AiEGIS endpoint (or the cloud API, depending on deployment). All 15 security layers run — PII detection, injection scanning, policy enforcement.
If ALLOW: the prompt is sent to the AI platform normally. If WARN: the prompt is sent but logged and surfaced in the IT dashboard. If BLOCK: the prompt is intercepted before transmission — the AI platform never receives it.
The AI platform's response is captured from the page DOM after rendering and logged. Responses are not blocked in v0.5 — response enforcement is in scope for v0.6.
What Data Leaves the Device?
Prompt content is sent to AiEGIS for policy evaluation. In self-hosted deployments, this call goes to your own infrastructure — prompt content never leaves your organisation. In cloud deployments, prompts are sent over TLS to AiEGIS servers, processed, and not retained beyond the session log you control.
| Data Type | Captured? | Where Stored | Retention |
|---|---|---|---|
| Prompt text | Yes — for policy evaluation | Your infrastructure (self-hosted) or AiEGIS (cloud) | Configurable, default 90 days |
| AI response text | Yes — logged after render | Your infrastructure | Configurable |
| Employee identity | Agent ID (you assign) | Your infrastructure | Configurable |
| TLS keys / certificates | Never | N/A | N/A |
| Passwords / session tokens | Never — L10 redacts before logging | N/A | N/A |
| Non-AI web browsing | Never — extension scoped to AI domains only | N/A | N/A |
Coverage Scope and Limits
What AiEGIS Covers (v0.5)
Managed devices with the browser extension installed on Chrome, Firefox, or Edge. AI tools accessed via browser on those devices.
What AiEGIS Does Not Currently Cover
Personal / unmanaged devices: If an employee uses ChatGPT on a personal phone or home laptop, AiEGIS has no visibility. Organisations should address this through acceptable use policy and device policy — AiEGIS enforces on managed endpoints where it is deployed.
Native desktop apps (Copilot, etc.): The browser extension does not capture native app traffic. The optional local proxy deployment covers this. Native app hooks are on the v0.6 roadmap.
API integrations: If your applications call AI APIs directly (not through a browser), those calls go through /api/protect via the AiEGIS SDK — not the browser extension.
Security of the Sensor Itself
Enterprise security teams routinely ask whether the sensor creates a new attack surface. The honest answer:
- The browser extension is open to review — source available to enterprise customers under NDA on request.
- The extension uses the minimum required permissions: access to listed AI platform domains only, no persistent background network access.
- The local AiEGIS endpoint (for self-hosted deployments) runs on localhost and is not exposed externally.
- All communication between the extension and the AiEGIS API uses TLS with certificate pinning.
Enterprise security teams are welcome to request a technical architecture review session, source code review (under NDA), or a penetration test facilitation before deployment. Contact us via the info page.