Northbeams inspects AI activity where it happens, on the device. The browser extension and desktop apps classify prompts and MCP arguments locally. Only category labels, counts, severity, a redacted and hashed snippet, and per-user attribution leave the endpoint. Raw prompt text, MCP argument values, keystrokes, and non-AI browsing never leave it. Because there is no proxy and no man in the middle certificate, we do not decrypt your traffic in the network path, and there is no network change to make.
Data in transit to monitor.northbeams.com is protected with TLS 1.2 or higher. Customer data at rest is encrypted with AES-256 on Google Cloud, with keys managed in Google Cloud KMS.
Enterprise customers use SAML single sign-on and SCIM provisioning with Okta, Microsoft Entra, Google Workspace, and WorkOS, so joiners and leavers follow your directory. Inside Northbeams, role-based access controls separate what admins, analysts, and viewers can see and do. Internally, we follow least-privilege access to production systems.
Deploy the browser extension and the Mac and Windows apps through the MDM you already run: Microsoft Intune, Jamf, or Kandji. There is no proxy to stand up and no certificate to push. Enforcement actions (block, sandbox, allow, and pause a user's AI access) are reversible from the console with one click.
Every AI event lands on an append-only, cryptographically signed log with per-user attribution, so the audit trail cannot be quietly edited after the fact. You can stream those events into your own SOC. Splunk HEC and Microsoft Sentinel are supported today, and Datadog is available on request.
The Service runs on Google Cloud, with customer data in Firestore and Cloud Storage. We use managed backups and isolated service accounts. Data is stored in the United States by default, and Enterprise customers can request EU data residency. See our Sub-processors page for the vendors involved and where they operate.
The Service has been independently penetration-tested, and the findings were remediated. A summary is available under NDA. Northbeams is a GTIA member and a Drata Alliance member. For how Northbeams helps you meet frameworks such as the EU AI Act, ISO 42001, and SOC 2 for your own audits, see Compliance. For the wider picture, visit our Trust Center.
If you believe you have found a security issue, email [email protected] and we will respond. Please give us enough detail to reproduce the issue, and give us reasonable time to fix it before any public disclosure. We follow a coordinated-disclosure practice: report privately, we investigate and remediate, and we credit researchers who work with us in good faith.