Govern the AI apps on every desktop.

ChatGPT, Claude, and Copilot all ship native desktop apps that talk to models outside the browser. Cerbera inspects every prompt those apps send from the device, redacts what is sensitive, and blocks the apps you have not approved.

ChatGPT
Cursor
Windsurf
Copilot
Hermès
Claude
Notion
Gemini
DeepSeek
Mistral
Zed
Cline

[Problem]

Native apps slip past your browser controls.

A desktop AI app is just another process making network calls. It never opens a tab, so anything that only watches the browser never sees it.

01

Desktop apps bypass browser DLP.

The ChatGPT and Claude desktop apps send prompts straight to the model, with none of the controls you put on the browser.

02

Local model apps exfiltrate quietly.

Ollama, LM Studio, and a dozen menu-bar assistants read files and clipboards, then call out to endpoints no one approved.

03

Auto-updates change behavior overnight.

A desktop app updates itself, adds a feature, and starts sending new data, with no review and no record on your side.

[How it works]

Inspect every app, on the device.

Cerbera sits inline as a transparent proxy on the device, so every desktop app is covered by the same policies as the browser and the terminal.

On-device prompt inspection

Every prompt and API call a desktop app makes is inspected inline. Secrets, source code, and PII are caught before the request leaves the machine, in under 5ms.

Redact instead of block

Replace a secret with a placeholder before the prompt is sent, so the app still answers and your team keeps working. No broken workflows.

App allow and block lists

Approve the desktop apps you trust and block the rest, per team or per data classification. Kill a risky app across the whole company in one move.

Full audit trail, on your terms

Every app-to-model decision can be logged for evidence. Logging is opt-in and yours to control, off until you turn it on.

[Apps]

Works with every desktop AI app.

ChatGPT, Claude, Copilot, Cursor, and the local model apps your team installs next. One on-device layer covers them all, so a new app is a policy decision, not an engineering project.

GPT-4oGPT-4o
ClaudeClaude
CursorCursor
CopilotCopilot
GeminiGemini
DeepSeekDeepSeek
WindsurfWindsurf
MistralMistral
Claude CodeClaude Code
Meta AIMeta AI
GPT-4oGPT-4o
ClaudeClaude
CursorCursor
CopilotCopilot
GeminiGemini
DeepSeekDeepSeek
WindsurfWindsurf
MistralMistral
Claude CodeClaude Code
Meta AIMeta AI
GeminiGemini
DeepSeekDeepSeek
WindsurfWindsurf
MistralMistral
Claude CodeClaude Code
Meta AIMeta AI
GPT-4oGPT-4o
ClaudeClaude
CursorCursor
CopilotCopilot
GeminiGemini
DeepSeekDeepSeek
WindsurfWindsurf
MistralMistral
Claude CodeClaude Code
Meta AIMeta AI
GPT-4oGPT-4o
ClaudeClaude
CursorCursor
CopilotCopilot
WindsurfWindsurf
MistralMistral
Claude CodeClaude Code
Meta AIMeta AI
GPT-4oGPT-4o
ClaudeClaude
CursorCursor
CopilotCopilot
GeminiGemini
DeepSeekDeepSeek
WindsurfWindsurf
MistralMistral
Claude CodeClaude Code
Meta AIMeta AI
GPT-4oGPT-4o
ClaudeClaude
CursorCursor
CopilotCopilot
GeminiGemini
DeepSeekDeepSeek

[Trust]

Works everywhere. Leaks nothing.

Privacy by design

Detection runs locally on the device. Nothing leaves your network by default, and prompt logging is opt-in.

  • >Detection engine runs locally on the endpoint
  • >Nothing leaves your network by default
  • >Request and response logging is opt-in
  • >Your intellectual property stays yours

Transparent AI proxy

All AI traffic flows through Cerbera's transparent proxy with negligible latency. Teams never notice it is there.

  • >Around 100ms at P99, invisible against multi-second AI responses
  • >Real-time inspection of prompts, responses, and tool calls
  • >Works across native apps, browser, CLI, and API traffic
  • >Coexists with your VPN and DNS proxy

Deploy with any MDM

Push desktop-app protection to every endpoint in your org instantly through Jamf, Intune, Kandji, or any MDM.

  • >Fleet-wide deployment in minutes
  • >One-click install and removal
  • >No manual setup per device
  • >Evidence mapped to ISO 27001, ISO 42001, EU AI Act, and SOC 2

[FAQ]

Frequently asked questions

Cerbera runs as a local proxy on the device, so it inspects the network calls a desktop app makes the same way it inspects browser and CLI traffic. Detection runs locally, and nothing leaves your network by default.

No. Redaction happens in under 5ms on the device, and the proxy adds around 100ms at P99, invisible against the multi-second responses these apps already take.

Yes. Whether an app calls a hosted model or a local one, its traffic flows through the same proxy, so you can inspect, redact, or block it under one set of policies.

Yes. Every rule can run in monitor-only mode first, so you see exactly what would be redacted or blocked before you enforce anything.

[Coverage]

One proxy. Every surface.

Cerbera secures all four surfaces from one transparent proxy. Explore each.

[Get Started]

See what your desktop apps are really sending.

Turn on inspection in an afternoon, watch what would leave in monitor-only mode, then switch on redaction and app controls when you are ready.