guide
AI Agent Security Guide
Learn how to govern browser-based agents, prompts, and tool actions before they create risk.
Shield Web
Browser AI security for every prompt and workflow
Shield Web intercepts browser AI interactions before submission, enforcing policies, filtering prompts, and logging audits through managed extension via existing device management.
Deploy in minutes
No network reconfiguration
Provider-agnostic
The challenge
Browser AI security in browser workflows
Shield Web intercepts browser AI interactions before submission, enforcing policies, filtering prompts, and logging audits through managed extension via existing device management.
Employees use browser AI tools outside policy every day
ChatGPT, Claude, Copilot, and dozens of other AI tools are used in the browser with company data. No approval process. No audit trail. Your DLP does not see what goes into a prompt or what comes back out.
Shield WebObserve mode
1
Detect AI tool
ChatGPT, Claude, Copilot, or Gemini in the browser
2
Capture context
User, team, domain, prompt metadata, and session state
3
Classify data
Personal data, customer names, deal values, source code
4
Write audit event
Activity appears in Shield Control before enforcement is tuned
Policy enforcement before every browser AI interaction
Shield Web sits between the user and the AI provider inside the browser. Every prompt is inspected, classified, and governed by your policy before it leaves the browser tab. No proxy. No network changes. No disruption to the tools your team already uses.
Shield WebPolicy active
Prompt before Shield Web
Email [email protected] about ACME renewal value of $240k
Evaluate policy
Rules from Shield Control decide observe, redact, warn, or block
Redact entities
Plaintext values become <email:redacted> or <customer:redacted>
Block when required
High-risk prompts never reach the AI provider
Sync evidence
Decision, classifier result, and action are audit-ready
Sanitized prompt
Email <email:redacted> about <customer:redacted> renewal value of <deal:value:redacted>
Capabilities
Shield Web controls
Shield Web sits between the user and the AI provider inside the browser. Every prompt is inspected, classified, and governed by your policy before it leaves the browser tab. No proxy. No network changes. No disruption to the tools your team already uses.
From visibility to enforcement
Start by observing browser AI usage, then activate redaction, approvals, or blocking where the audit trail shows risk.
Real-time tool-call interception
Every AI prompt, upload, and workflow action is intercepted and inspected before submission. Policy decisions happen in real time, not after the fact.
Agent kill switch
Terminate AI agent sessions that exceed policy boundaries. Kill switch controls are enforced at the browser level with immediate effect.
Full agent audit trace
Every agent action, tool call, and decision is logged in a structured audit trail. Trace agent behavior across sessions for compliance review and incident investigation.
Human-in-the-loop approvals
High-risk actions trigger approval gates. Designated approvers review and authorize before the request reaches the model.
Per-agent policy rules
Define granular policies per AI agent, model provider, and use case. Different agents get different controls based on risk profile and data sensitivity.
Provider-agnostic
Shield Web works across AI providers — OpenAI, Anthropic, Google, and others. One extension governs all browser AI interactions regardless of provider.
FAQ
Questions teams ask about Shield Web
Questions teams ask about Shield Web
How does Shield Web deploy?
Shield Web deploys as a managed browser extension through your existing device management tooling — Google Workspace, Microsoft Intune, Jamf, or similar. No network reconfiguration or proxy setup required.
Does Shield Web slow down AI tools?
Policy evaluation happens in milliseconds. Users experience no meaningful delay in their AI workflows. The extension is designed for transparent operation.
Which AI tools does Shield Web support?
Shield Web is provider-agnostic and works with ChatGPT, Claude, Copilot, Gemini, and other browser-based AI tools. New provider support is added continuously.
Can I set different policies for different teams?
Yes. Shield Control supports group-based and role-based policy assignment. Engineering, legal, and operations teams can each have policies scoped to their AI usage patterns and risk profile.
What happens if an employee tries to bypass the extension?
Shield Web includes tamper detection and compliance monitoring. Attempts to disable or circumvent the extension are logged and can trigger alerts in Shield Control.
Need a browser security walkthrough?
A product and security specialist will reply within one business day
Related
Go deeper on browser AI security
glossary
AI Agent Security Glossary
Clarify the terms behind AI agent risk, prompt controls, approvals, and audit trails.
product
Shield Control
Manage policies, approvals, and audit evidence for Shield Web and every other AI surface.
Get a 30-minute technical demo
A product and security specialist will reply within one business day