SentraGuard
GenAI security & observability across browser, IDE, API, and endpoint/runtime
SentraGuard unifies GenAI security and observability across browser, IDE, API, and endpoint/runtime surfaces through a centralized backend, giving organizations full visibility and consistent guardrails across modern AI usage.

How SentraGuard Works
A single centralized backend connects every GenAI surface — browser, IDE, programmatic API, and endpoint/runtime — and enforces consistent observability, DLP, and guardrails across modern AI usage.
API-first • Asynchronous • CPU-only
One backend. Five surfaces.
Every surface — browser, IDE, API, and endpoint/runtime — connects to the same centralized backend for observability, correlation, policy evaluation, and guardrail decisions.
Centralized Backend
API-first system of record for observability, correlation, policy, and guardrails.
Browser
Plugin-based protection for browser-native GenAI usage.
IDE
Guardrails inside Cursor, VS Code, and Copilot-driven workflows.
Programmatic / API
Monitoring for Python and language-based GenAI API usage across enterprise control planes.
Endpoint / Host Agent
Captures GenAI activity outside browser and gateway visibility — across hosts, VMs, and containers.
Centralized Backend
API-first system of record for observability, correlation, policy, and guardrails.
- Single centralized backend that all product surfaces connect to via API
- API-first architecture for consistent integration across browser, IDE, gateway, and endpoint layers
- Asynchronous near real-time processing with no material user or system impact
- CPU-only design — no GPU dependency
- Deployable on Kubernetes, cloud, or on-prem enterprise platforms
- System of record for observability, correlation, policy evaluation, and guardrail decisions
Browser
Plugin-based protection for browser-native GenAI usage.
- Browser plugin connecting browser-based GenAI usage to the centralized backend
- Detects jailbreak attempts and policy evasion patterns
- Enforces data leakage prevention (DLP) for browser-based GenAI interactions
- Configurable file-upload moderation by file type
- Evaluates uploaded content for indirect prompt injection and content sensitivity
IDE
Guardrails inside Cursor, VS Code, and Copilot-driven workflows.
- Integrates with Cursor, Visual Studio Code, and Copilot-driven workflows
- Connects IDE prompts, model usage, and agent activity back to the centralized backend
- Extends guardrails and observability into AI-assisted software engineering
- Helps organizations govern AI-assisted development without breaking developer productivity
Programmatic / API
Monitoring for Python and language-based GenAI API usage across enterprise control planes.
- Monitors Python and other language-based GenAI API usage
- Works alongside existing API gateways and enterprise control planes — no infra replacement
- Routes relevant traffic, metadata, and inspection signal into existing gateway and backend workflows
- Supports service-to-service, embedded GenAI, and enterprise application integration patterns
Endpoint / Host Agent
Captures GenAI activity outside browser and gateway visibility — across hosts, VMs, and containers.
- Host and endpoint agent capturing GenAI activity outside traditional browser and gateway visibility
- Covers CLI tools, local SDK usage, scripts, services, containers, agentic runtimes, and developer workstations
- Deployable across bare metal, VMs, cloud instances, on-prem servers, and container hosts
- Deep host-level telemetry on Linux — strong visibility for containerized and host-native workloads
- macOS support for runtime-linked observability and backend-connected endpoint signal
- Enriches events with provider ID, process context, runtime metadata, and bypass-risk indicators
- Sends observability and security events asynchronously to the centralized backend
Architecture Principles
Engineered to fit modern enterprise infrastructure without forcing rip-and-replace.
API-first
Every surface integrates over a consistent API contract — no proprietary lock-in.
Async, near real-time
Asynchronous processing keeps user and system impact negligible while signal stays current.
CPU-only, no GPU
Runs on standard CPU infrastructure — predictable cost, no scarce hardware dependency.
K8s, cloud, on-prem
Deploy on Kubernetes, public cloud, or fully on-premises — including air-gapped environments.
Why a unified platform matters
Modern GenAI usage is not confined to one surface — and neither is risk. SentraGuard treats browser, IDE, API, and endpoint/runtime as one estate, governed from a single backend.
Single platform, every surface
GenAI observability, DLP, and guardrails across browser, IDE, API, and endpoint/runtime — governed from one centralized backend.
Stronger bypass resistance
Coverage at both user-facing and host/runtime layers makes it materially harder to evade controls by switching surfaces.
Enterprise-integration friendly
Slots into existing API gateways, developer environments, and endpoint estates — no infrastructure replacement required.
Full visibility, anywhere AI runs
Cloud, on-prem, workstation, VM, and containerized GenAI usage patterns all roll up to the same system of record.
Coverage Across the Modern AI Estate
Wherever GenAI shows up — managed or unmanaged — SentraGuard provides observability and guardrails.
Browser-based GenAI
ChatGPT, Claude, Gemini, Perplexity and other browser-native AI assistants used by employees.
AI-assisted development
Cursor, Visual Studio Code, GitHub Copilot, and Copilot-driven workflows used by engineering teams.
Programmatic GenAI APIs
Python and other language SDKs calling provider APIs from enterprise applications and services.
Local & host-level usage
CLI tools, local SDKs, scripts, services, and developer workstation activity outside browser/gateway visibility.
Containers & agentic runtimes
Containerized workloads, agentic runtimes, and orchestrated AI services running on hosts you operate.
File-based AI workflows
File uploads into GenAI tools — moderated by file type, scanned for indirect prompt injection and sensitive content.
Integrate SentraGuard from code
Bring SentraGuard's guardrails, observability, and runtime agent governance directly into your applications and pipelines with published Python and JavaScript packages.
sentraguard-sdk
Python
Python SDK to send GenAI traffic, prompts, and tool calls to the SentraGuard backend for DLP, jailbreak detection, and prompt injection evaluation.
pip install sentraguard-sdksentraguard-agent
Python
Runtime agent that monitors and governs autonomous agent actions and tool calls — enforcing allow-lists, context integrity, and privilege boundaries in real time.
pip install sentraguard-agent@sentraguard/sdk
JavaScript / TypeScript
JavaScript / TypeScript SDK to instrument Node.js and browser-based GenAI usage and connect it to the centralized SentraGuard backend.
npm install @sentraguard/sdk