SOC 2 Type II — Private DLP blocks locally, we don't see your data.

Monitor and control
what your employees send to AI.

Blacksight scans every prompt before it reaches ChatGPT, Claude, Gemini and 300+ other AI services — blocking and redacting PII, secrets, and custom patterns you define — in real time. All scanning runs locally. No data ever leaves your network.

Get Started Free See a sample report
chat.openai.com
BLACKSIGHT · LOCAL DLP
Customer PII API key Internal code Clean prompt
j.warren@acme · typing prompt 0/113 chars
Idle — waiting for input
Browser Extension
Monitors every AI web app — ChatGPT, Claude, Gemini, 300+
Endpoint Agent
Protects every app on the device — CLI tools, desktop AI, remote workers
 Blacksight Gateway G1
Gateway Device
Covers your whole office network — BYOD, contractors, unmanaged devices
Free for 5 devices No credit card Results in 10 minutes No data leaves your network
82%
of employees use AI tools at work, often on personal accounts your IT can't see.
— Microsoft Work Trend Index '24
55%
have pasted sensitive data — customer info, internal code, financials — into a public AI.
— Cyberhaven research
$4.8M
average cost of a data breach involving shadow AI usage in 2025.
— IBM Cost of a Data Breach
Sample 30-day report

This is what's leaving your company
right now — without you knowing.

A real snapshot from a 5-person pilot. Just counts and risk scores on the free tier — pay $7/user to see prompts, block, and redact. Now imagine your whole company.

acme-corp.com
last 30 days · 5 users LIVE
Total scans
312
↑ 41% vs last month
Blocked
24
PII, code, credentials
Redacted
18
SSN, emails auto-stripped
Active policies
6
Devices
5 / 50
Risk score
High
7.8 / 10
Scan volume
Allowed Redacted Blocked
Free tier shows counts & risk scores. Pay $7/user/mo for prompt details, blocking, redaction, and custom policies. View plans →

What is AI data loss prevention? AI DLP is a security layer that scans every prompt employees send to AI tools like ChatGPT, Claude, and Copilot — detecting and blocking sensitive data (PII, credentials, source code) before it leaves your organization. Unlike traditional DLP, AI-specific DLP understands the unique risks of conversational AI workflows.

How does Blacksight work? Blacksight deploys a browser extension and optional network gateway that intercept AI-bound traffic, scan it locally against 200+ detection rules, and enforce block/redact/warn policies — all without sending prompt content to our servers.

Two ways to deploy

Cover every employee, every device — wherever AI usage happens.

Run them together for full coverage, or pick the one that fits your environment.

chat.openai.com/c/new
Blacksight
PROMPT BLOCKED
Detected: 1 SSN, 2 emails. Click to redact and resend.
→ Browser extension & Endpoint agent

Catch leaks at the keyboard.

A Chrome, Edge, Firefox and Safari extension that sees every prompt typed into any AI web app. Plus an endpoint agent that covers CLI tools, desktop AI apps, and remote workers. DLP scanning runs locally — we never see your data.

Works across 300+ AI tools

Endpoint agent runs on

  • Redacts SSNs, API keys, credit cards, proprietary code in-place
  • Deploys via MDM, Group Policy, or one-click for self-managed devices
  • Blocks before it gets sent to AI
Learn more Install in 60 sec
Blacksight Gateway G1
→ AI Gateway device

One box. Whole-network coverage.

A small appliance that sits on your office network and inspects AI traffic from every device — desktop apps, CLIs, BYOD phones, even devices you don't manage. As long as they are connected to your company WiFi/Ethernet or even your guest network.

  • Catches Cursor, Claude Desktop, Raycast AI, and CLI agents the extension can't see
  • Plug-and-play: one router setting, done in under 15 minutes
  • Decrypts AI-bound HTTPS via cert pinning — never inspects unrelated traffic
  • Blocks before it gets sent to AI
Learn more From $999
Dashboard

Everything your security team needs in one place.

Logs, policy, alerts, and audit-grade reports — all unified across the extension and gateway.

Activity overview

Live feed of every AI prompt across your org, filtered by destination, user, sensitivity, or policy outcome.

Policy enforcement

200+ pre-built rules out of the box. Add your own for industry-specific data — banking CID, healthcare PHI, internal project names. Block, redact, warn, or log.

Real-time alerts

Slack, email, or webhook the moment a critical-severity leak fires. Triage from the alert.

Compliance reports

Pre-built reports for SOC 2, HIPAA, GDPR, and ISO 27001. Export as PDF or schedule by email.

Users & groups

SSO with Google Workspace, Microsoft 365, Okta, OneLogin, JumpCloud, or SAML. Organize users into groups and assign policies per team, department, or role — with individual overrides.

Shadow AI detection

Surface every unsanctioned AI tool your employees use — even ones IT has never heard of.

Integrations

Connects with your identity provider

Onboard your entire organization in minutes. Connect your identity provider and every team member gets access automatically.

Google Workspace
Microsoft 365
Okta
1
OneLogin
JumpCloud
SAML
SAML 2.0
Privacy architecture

We protect your data by never seeing it.

DLP scanning runs entirely inside the browser extension or on the gateway appliance — on your machines, on your network. Only the verdict (allowed / blocked / redacted) plus metadata is sent to Blacksight. The actual prompt content never leaves your perimeter unless you opt in.

SOC 2 II GDPR HIPAA-ready ISO 27001
Employee browser / device your perimeter
↓ prompt scanned locally
Sensitive data detected → redacted never sent
Cleaned prompt → AI service 200 OK
↓ verdict + metadata only
Blacksight dashboard audit log

Want to dive deeper?

See all features View pricing
Blog

Latest from the blog

Research, analysis, and practical guidance on AI security and data protection.

May 20, 2026

The Future of Enterprise AI Security: From Visibility to Control

Where AI security is headed: real-time scanning, policy engines, agent-level enforcement, and the shift from watching to controlling.

Read article →
May 10, 2026

Building an AI Acceptable Use Policy: A Guide for Security Teams

Every organization needs an AI acceptable use policy. Here's what to include, how to enforce it, and the mistakes to avoid.

Read article →
May 08, 2026

5,000 Vibe-Coded Apps Are Leaking Corporate Data Right Now. Yours Might Be One of Them.

A new study found thousands of AI-built web apps exposing medical records, financial data, and corporate secrets with zero authentication. This is the S3 bucket crisis all over again, but worse.

Read article →
View all articles →

Free for 5 devices. Or start
a 14-day trial of the full platform.

Install our Browser Plugin (Chrome, Firefox, Edge, Safari) on 5 devices right now and see results in 10 minutes. Every signup includes a 14-day trial of the Business plan — blocking, redaction, and custom policies included.

Get Started Free Talk to sales