How it works
DLP that lives where the leak happens — the browser
Slopfence doesn't sit on your network or scan storage after the fact. It intercepts sensitive data at the exact moment an employee sends it to an AI tool, and stops it before it leaves the tab.
No proxy
Detection is client-side; no traffic is rerouted through our servers.
No VPN
Nothing to install on the network — just a managed browser extension.
Sub-second
Interception adds no perceptible latency to the AI request.
Ten policies, day one
SSNs, cards, AWS keys and PII patterns active on install.
- 01
The extension loads on AI tool pages
Deployed via Chrome/Edge GPO or MDM, the Slopfence extension activates only on the AI domains you scope — ChatGPT, Claude, Gemini and more. It injects a lightweight content script that patches window.fetch and XMLHttpRequest for that tab.
- 02
Every prompt and upload is intercepted before it sends
When a user hits send — or drops a DOCX, XLSX, PPTX or PDF into the chat — Slopfence captures the payload at the network boundary. Files are parsed and their text extracted client-side (JSZip for Office formats, a PDF parser, OCR for images) so scanning sees what's actually inside.
- 03
The content is scanned against your DLP rules
The extracted text runs through your policy set: ten built-in rules (SSNs, credit-card numbers, AWS keys, PII patterns and more) plus any custom regex, keyword, or file-fingerprint rules. Each match carries a severity and a 0–100 risk score, deduplicated so noise doesn't drown signal.
- 04
Block or alert — decided in milliseconds
A blocking rule cancels the request outright; the prompt never reaches the AI provider. An alerting rule logs the event and lets it through. Either way it happens client-side in well under a second — no proxy hop, no VPN, no traffic rerouted through Slopfence.
- 05
Violations land in an auditable trail
Every triggered rule is recorded with the user, platform, timestamp, matched rule name and a metadata snippet — scoped to your organisation and ready for compliance review. Full prompt content is evaluated but not retained after scanning.
Is Slopfence a man-in-the-middle proxy?
No. A MITM proxy reroutes and decrypts your traffic on the network. Slopfence never touches the network — it patches the browser's own fetch and XMLHttpRequest inside the tab, so scanning happens in the same place the user typed. That's why there's no certificate to install, no latency, and no single point your AI traffic funnels through.
Ready to fence off the slop?
Book a demo, start a free POC, or get a quote — a real human calls you back to scope your requirements.
Get started