Live AI governance for the browser tab era

Occlum

The company boundary for AI. Not another AI workspace.

Occlum finds where teams already use AI, then places a narrow protected policy boundary in front of known AI destinations so sensitive data can be masked, warned, justified, escalated, or blocked before it leaves.

Starts without a root cert: Discovery maps AI destinations with SNI-level telemetry only.
Enforces only known AI paths: The Agent focuses on configured AI destinations, not the whole internet.
Keeps readable governance local: Policies, review queues, and logs stay customer-controlled.

AI adoption already happened. Governance is late.

Employees do not leak data in dashboards.

They leak it in pasted prompts, browser tabs, copilots, contract summaries, support threads, and "just this once" AI workflows.

Banning AI teaches people to hide it.

Occlum gives security teams a practical middle path: discover first, set policy second, and enforce only where the risk actually crosses a boundary.

The landing page is the product thesis.

Occlum is not trying to become the place where work happens. It protects the moment work leaves for an AI system.

Discovery first

Earn the policy before asking for trust.

Occlum starts with a lightweight 7-day audit that answers the question executives actually ask: where is AI already being used, by which apps, and how often?

  • No HTTPS interception, no root certificate, no prompt inspection during Discovery.
  • Outputs a clean map of AI destinations, source processes, daily counts, and recommended starter policy.
  • Creates a credible rollout path for the Agent instead of a security mandate based on guesses.

7-day AI destination audit (SNI only / no content)
Observed hosts: 18
Top source process: Chrome
Starter mode: warn + justify
  • chat.openai.com: Chrome, 412/day
  • claude.ai: Arc, 188/day
  • copilot.microsoft.com: Edge, 93/day

Protected boundary

The prompt changes before the destination sees it.

The Agent routes configured AI destinations through a local proxy, sends only the necessary detection request through a protected cloud boundary, then applies policy on-device before the AI provider receives the final prompt.

01
Detect the risky content
Classify sensitive data with a strong protected model, not weak keyword-only rules.
02
Choose the least disruptive control
Allow, mask, warn, justify, escalate, or block based on policy and destination.
03
Give employees a path forward
When a prompt is close to the line, ask for context instead of instantly blocking work.
04
Leave local evidence
Readable logs and review queues stay in the customer's governance store.

OCCLUM POLICY BOUNDARY
Attested detection request id: 4f29
retention: none by default
readable log: local
MASK / WARN / JUSTIFY / ESCALATE
Before Occlum: Include the Acme renewal value, named customers, and internal board note.
After Occlum: Include renewal context with and approved customer-safe placeholders.

Architecture

Strong detection. Narrow interception. Local proof.

Occlum is opinionated about the trust boundary: enforcement happens at the endpoint, detection runs in protected infrastructure, and readable governance state stays under customer control.

01

Device Agent

Routes only configured AI destinations through the local policy path. The rest of the internet remains outside the base control surface.

Scope: known AI
Policy source: signed bundle
Employee mode: passive utility

02

Protected Detection

Uses high-quality model reasoning inside a protected boundary for sensitive content decisions, with raw prompts not retained by default.

Default retention: none
Receipts: attested
Goal: best detection

03

Governance Store

Review queues, evidence, policy history, and readable logs stay customer-controlled for auditability and operator trust.

Readable logs: local-first
Review model: admin-owned
Delivery: MDM / LAN / bundle

Governance surface

Not a wall of alerts. A decision record.

Security leaders need to explain why an action happened. Employees need to keep working. Occlum turns live decisions into reviewable local evidence instead of opaque AI policing.

Local governance review (policy version 2026.05.18)

Masked customer names before sending to ChatGPT
Sales Operations / Chrome / customer data class
REVIEW

Asked for justification on contract renewal prompt
Legal / Claude / confidential document context
APPROVE

Blocked board deck upload to unapproved AI destination
Finance / unknown AI endpoint / policy hard stop
ESCALATE

Built for companies that want to say yes to AI.

The point is not surveillance. The point is confidence: teams can use AI tools, admins can define boundaries, and auditors can inspect decisions without asking Occlum to host the company's readable governance memory.

01
Govern usage, not ambition.
Start from where AI is already adopted. Build policy around real traffic instead of theoretical controls.
02
Keep friction proportional.
A good governance layer should mask or warn when possible and block only when the policy demands it.
03
Use strong intelligence carefully.
Detection quality matters, but the protected processing boundary matters just as much as the model.
04
Make trust inspectable.
Policy history, review queues, and readable logs belong in the customer's control plane.

Run Discovery. Then protect the paths that matter.

Occlum is for the moment after "we should probably have an AI policy" and before a sensitive prompt becomes someone else's training, retention, or audit problem.