Platform Features · v4.22.0

25 Security Components, Zero Gaps

Features span all five products — SecureMind, Breach-Intel, Sentinel, Rapidsecureclaw, and Security Plugin. Every layer operates independently; any single component can fail and the others still protect.

🧠 SecureMind 🔍 Breach-Intel 🛡️ Sentinel ⚡ Rapidsecureclaw 🔌 Security Plugin

Core DLP Engine

📁 File Access Gate

2-layer path + content DLP. Blocks .env, .pem, credentials, SSH keys by filename, extension, and content scanning. Confidence-scored validation (Luhn, SSA, entropy).

⌨️ Exec Command Guard

20+ shape-based regex rules. Blocks env dumps, pipe exfiltration, encoded commands, credential headers, scripted HTTP exfil. Low-confidence rules escalate to LLM verification.

🧠 Prompt Intent Analysis

4-layer pipeline: PII regex scan (10 decoding sublayers) → intent keywords → Pydantic classification rules → pluggable LLM verification (Ollama/Anthropic/OpenAI).

🔐 PII Redaction

Detects SSN, credit cards, API keys, JWTs, database URLs, private keys in inputs and outputs. Confidence-scored — Luhn for CC, SSA rules for SSN, entropy for secrets.
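As an added worked example (illustrative code, not the product's own implementation), the block below shows how the three validators named on this card and on the File Access Gate card turn a raw pattern match into a confidence score: the Luhn mod-10 check for card-number candidates, SSA structural rules for SSN-shaped values, and Shannon entropy for long opaque tokens. The sample text, the entropy thresholds and the confidence values are constructed assumptions; only findings at or above the redaction threshold are replaced, so a Luhn-failing number or a never-issued SSN area is reported at low confidence rather than silently redacted.

```python
import math
import re

# Constructed sample input (not from the product). The card numbers are the
# well-known 4111... test pattern and a one-digit variant that fails Luhn; the
# SSN-shaped values use an issued-looking area and the never-issued area 000.
SAMPLE = (
    "order card 4111 1111 1111 1111 shipped\n"
    "typo card 4111111111111112 retry\n"
    "ssn 123-45-6789 on file\n"
    "placeholder 000-12-3456 ignored\n"
    "token sk_live_9aB3xZ7qL2mN8pR4tV6wY1cD\n"
    "plain configuration_value_here\n"
)

CC_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")    # 13-19 digits, optional separators
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
TOKEN_RE = re.compile(r"\b[A-Za-z0-9_\-]{20,}\b")   # long opaque tokens


def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check: double every second digit counting from the right."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def ssn_structure_ok(area: str, group: str, serial: str) -> bool:
    """SSA structural rules: areas 000, 666 and 900-999 are never issued,
    nor are group 00 and serial 0000."""
    a = int(area)
    return a not in (0, 666) and a < 900 and group != "00" and serial != "0000"


def shannon_entropy(s: str) -> float:
    """Bits per character; random-looking secrets score higher than words."""
    n = len(s)
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan(text: str) -> list:
    """Return candidate PII findings, each with a validator-derived confidence."""
    findings = []
    for m in CC_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        conf = 0.9 if luhn_ok(digits) else 0.2          # assumed scores
        findings.append({"type": "credit_card", "value": m.group(),
                         "span": m.span(), "confidence": conf})
    for m in SSN_RE.finditer(text):
        conf = 0.85 if ssn_structure_ok(*m.groups()) else 0.1
        findings.append({"type": "ssn", "value": m.group(),
                         "span": m.span(), "confidence": conf})
    for m in TOKEN_RE.finditer(text):
        ent = shannon_entropy(m.group())                  # assumed thresholds
        conf = 0.8 if ent >= 4.5 else 0.4 if ent >= 4.0 else 0.1
        findings.append({"type": "secret", "value": m.group(),
                         "span": m.span(), "confidence": conf})
    return findings


def redact(text: str, threshold: float = 0.5) -> str:
    """Replace findings at or above the threshold; lower-scoring hits stay in
    place so they can be logged or escalated instead of redacted."""
    out = text
    for f in sorted(scan(text), key=lambda f: f["span"][0], reverse=True):
        if f["confidence"] >= threshold:
            s, e = f["span"]
            out = out[:s] + f"[REDACTED:{f['type']}]" + out[e:]
    return out


if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"{f['type']:<12} {f['confidence']:.2f} {f['value']}")
    print(redact(SAMPLE))
```

The span bookkeeping matters more than it looks: redacting from the end of the text backwards keeps earlier offsets valid, and carrying the confidence alongside the span is what lets a single scan feed both a blocking decision and a lower-severity log line.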

🔗 Taint Tracking

Tags sensitive data at ingress (file read, prompt). Detects at egress (tool call args, API responses) via SHA-256 hash + n-gram Jaccard. Cross-session persistence (24h TTL).

🖼️ Image DLP

OCR via Tesseract, QR/barcode decode via pyzbar, EXIF metadata extraction. Extracted text runs through the full DLP pipeline with confidence scoring.

v4.22.0 Modules

🔍 Vulnerability Scanner

OWASP Top 10 SAST-lite — SQL injection (CWE-89), XSS (CWE-79), command injection (CWE-78), path traversal, SSRF, insecure deserialization, hardcoded secrets. Integrated into Write/Edit hook.

🔀 Smart Router

14-model catalog across 4 providers. Task classifier detects code/chat/analysis/creative/math/simple. 5 strategies: auto, cheapest, fastest, best_quality, local_only. Failover across providers.

🔒 Privacy Mode

3 enforced modes. full_privacy: ollama-only, all cloud blocked. balanced: cloud allowed with DLP. permissive: log-only. One curl command switches the entire org.

πŸ‘οΈ

Shadow AI Detector

Registry of 12+ AI tools (Copilot, Cursor, Claude Code, Tabnine, Codeium, Windsurf, Aider, Continue, etc.). Process scanning + config file detection. Approved vs unauthorized.

🧬 Code Fingerprint Guard

Registers proprietary code via n-gram fingerprinting. Detects when similar code appears in prompts even with renamed variables (Jaccard similarity). Locality-aware thresholds.
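The Taint Tracking card above and this card both rely on the same two mechanisms: a SHA-256 digest for exact matches and an n-gram Jaccard score for near matches. The block below is an added example, not the product's code, of one registry that serves both: ingress registers a sensitive value or a proprietary snippet, egress checks outbound text. Two design choices here are my assumptions rather than anything the page states: for code, identifiers are collapsed to a placeholder token before n-gramming so renamed variables still match, and the outbound text is compared window by window so a fingerprint embedded in a larger prompt is still found. The credential, the code snippets and the 0.6 threshold are constructed.

```python
import hashlib
import re

# Tokens kept literal when fingerprinting code; every other identifier becomes
# ID and every number NUM, so renamed variables yield the same token stream.
LITERAL_TOKENS = {"def", "return", "for", "in", "if", "else", "while", "import",
                  "from", "class", "and", "or", "not", "None", "True", "False",
                  "max", "min", "len"}
TOKEN_RE = re.compile(r"[A-Za-z_]\w*|\d+|\S")


def normalize_ws(text: str) -> str:
    return re.sub(r"\s+", " ", text.strip())


def char_shingles(text: str, n: int = 4) -> set:
    """Character n-grams over whitespace-normalized text (used for taint data)."""
    t = normalize_ws(text)
    return {t[i:i + n] for i in range(max(0, len(t) - n + 1))}


def code_tokens(text: str) -> list:
    out = []
    for tok in TOKEN_RE.findall(text):
        if tok in LITERAL_TOKENS:
            out.append(tok)
        elif re.fullmatch(r"[A-Za-z_]\w*", tok):
            out.append("ID")
        elif tok.isdigit():
            out.append("NUM")
        else:
            out.append(tok)
    return out


def token_ngrams(tokens: list, n: int = 3) -> set:
    return {tuple(tokens[i:i + n]) for i in range(max(0, len(tokens) - n + 1))}


def jaccard(a: set, b: set) -> float:
    return len(a & b) / len(a | b) if (a or b) else 0.0


class FingerprintRegistry:
    """Ingress registers sensitive text; egress checks outbound text. Exact
    matches are caught by SHA-256 over normalized text, near matches by the
    best n-gram Jaccard score over sliding windows of the outbound text."""

    def __init__(self, threshold: float = 0.6):   # threshold is an assumption
        self.threshold = threshold
        self.entries = []

    def register(self, label: str, text: str, kind: str = "data") -> None:
        norm = normalize_ws(text)
        entry = {"label": label, "kind": kind,
                 "sha256": hashlib.sha256(norm.encode()).hexdigest()}
        if kind == "code":
            entry["tokens"] = code_tokens(text)
            entry["grams"] = token_ngrams(entry["tokens"])
        else:
            entry["length"] = len(norm)
            entry["grams"] = char_shingles(norm)
        self.entries.append(entry)

    def _best_similarity(self, entry: dict, outbound: str) -> float:
        if entry["kind"] == "code":
            toks = code_tokens(outbound)
            w = len(entry["tokens"])
            windows = [toks[i:i + w] for i in range(max(1, len(toks) - w + 1))]
            return max(jaccard(entry["grams"], token_ngrams(win)) for win in windows)
        norm = normalize_ws(outbound)
        w = entry["length"]
        windows = [norm[i:i + w] for i in range(max(1, len(norm) - w + 1))]
        return max(jaccard(entry["grams"], char_shingles(win)) for win in windows)

    def check(self, outbound: str) -> list:
        """Return (label, score, method) for every registered item found."""
        digest = hashlib.sha256(normalize_ws(outbound).encode()).hexdigest()
        hits = []
        for entry in self.entries:
            if digest == entry["sha256"]:
                hits.append((entry["label"], 1.0, "sha256"))
                continue
            score = self._best_similarity(entry, outbound)
            if score >= self.threshold:
                hits.append((entry["label"], round(score, 2), "ngram-jaccard"))
        return hits


# Constructed inputs for the demo; the credential value is made up.
SECRET_LINE = "db_password = s3cr3t-ExAmPlE-not-real-9921"
PROPRIETARY_CODE = """
def compute_risk_score(events, weights):
    total = 0
    for event in events:
        total += weights[event.kind] * event.severity
    return total / max(len(events), 1)
"""
RENAMED_CODE = """
def calc(items, w):
    acc = 0
    for item in items:
        acc += w[item.kind] * item.severity
    return acc / max(len(items), 1)
"""


def build_registry() -> FingerprintRegistry:
    reg = FingerprintRegistry()
    reg.register("db-credential", SECRET_LINE, kind="data")
    reg.register("risk-scorer", PROPRIETARY_CODE, kind="code")
    return reg


if __name__ == "__main__":
    reg = build_registry()
    for msg in (SECRET_LINE, "please debug: " + SECRET_LINE + " still fails",
                "Can you optimise this?\n" + RENAMED_CODE, "quarterly report due friday"):
        print(reg.check(msg), "<-", msg[:40].replace("\n", " "))
```

Note the asymmetry between the two kinds: taint data is matched on raw characters, because a password with one changed character is a different password, while code is matched on structure, because the leak the guard cares about survives a rename. Using the structural tokenizer on credentials would make every `key = value` line look alike.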

🕸️ Knowledge Graph

SQLite-backed graph of AGENT, THREAT, DATA_ASSET, SESSION nodes with typed edges. TTL expiry, event logging, incident chain traversal. Syncs to Obsidian vault.

📝 Security Memory

Obsidian-compatible vault: daily logs, threat intel notes, incident reports, agent profiles, policy decisions. YAML frontmatter + wiki-links for graph visualization.

⚡ Lethal Trifecta

Simon Willison's pattern — tracks private data access, untrusted input, and external communication. When all three are active, blocks MCP tools with network capabilities. State persisted.

🛡️ Tool Call Guard

MCP tool calls and function invocations intercepted. Arguments scanned through DLP + taint registry. Blocks exfiltration through the agent's own tools.

πŸ›οΈ

Admin Console

Centralized policy management with versioning, agent enrollment (register/approve/revoke), cross-agent event ingestion, org-wide dashboard. 14 API endpoints, RBAC with 4 roles.

🖥️ Terminal Guard v4

Auto-detects AI agents by process ancestry (PPID tree walking). Input cadence detection distinguishes AI bursts from human typing. Bash + zsh support. Humans never blocked.

🏢 Enterprise Privacy

Org-wide policy push with per-team overrides. Scheduled mode changes (e.g., full_privacy during market hours). Audit trail with actor/timestamp/reason. Webhook alerts.

🔗 DLP-Breach Bridge

DLP blocks and PII redactions auto-emit breach events. 6 event types with severity levels. SHA-256 dedup. Fire-and-forget — zero latency impact on the DLP path.

🛡️ Gateway Hardening

Base64 decode layer for encoded payloads. Credential detection in API requests. Multi-step exfiltration chain detection. Blocks attacks that evade surface-level scanning.

📊 Unified Dashboard

Single-port access at :8000. Gateway proxies breach engine automatically. DLP blocks, breach classifications, PII detections, routing — all from one URL.

6 Distribution Channels

⚡ CLI Installer (as-init)

One command auto-detects VS Code, Cursor, Claude Code, Copilot, Windsurf, Aider, Continue, Tabnine, Codeium. Drops configs, ignore files, and hooks automatically.

🪝 Pre-commit Hooks

DLP scan + vulnerability scan on every git commit. Blocks secrets and SQL injection before they enter git history. Works with pre-commit framework or standalone.

🔄 GitHub Action

Scans PR diffs for PII, credentials, and OWASP vulnerabilities. Posts findings as PR comments with severity badges. One workflow file covers the entire org.

📊 Admin Dashboard

11-tab React UI: Overview, Events, Traces, Breaches, Privacy, Shadow AI, Graph, Routing, Block Rules, Agents, Settings. Real-time SSE updates.

🐳 Docker

3-service compose: gateway (8000), LLM proxy (18790), breach engine (8081). Optional Ollama sidecar. Non-root container, capability-dropped.

🌐 Chrome Extension

Client-side DLP for ChatGPT, Claude, Gemini, Grok, Perplexity, DeepSeek, Meta AI, HuggingChat. Blocks PII before it reaches any cloud AI. India PII: Aadhaar, PAN Card, Indian phone.

956 Tests, Zero Gaps

Including 274 red-team attack techniques, 55-agent Docker harness (100% detection), 54-test ingress guard suite, 53-test smart router suite, Terminal Guard test suite, and PII evasion eval with 10 encoding variants.
