Skip to content
diodos
DLP for AI Agents and LLM Providers

AI DLP and governance for every agent, CLI, and developer tool.

Diodos routes AI egress through a managed gateway, masks sensitive data locally before plaintext leaves the device, and gives security, engineering, and finance teams audit-ready visibility into usage, findings, cost, and anomalies.

Every feature available in Diodos today stays free forever.

  • Local-first masking
  • AI agents & LLM providers
  • LDAP / Active Directory
  • Proxy chaining (PAC / HTTP)
  • LLM cost limits
  • Kubernetes · OpenShift · Helm
Product preview

Overview

Diodos control plane

Live24h
Requests today
1,284
AI cost today
$42.18
Masked findings
318
High-risk requests
7
Online clients
12
Active anomalies
3
Request & masking trend
RequestsMasked
Top models
  • claude-sonnet-4-6612
  • gpt-5.5388
  • gemini-2.5-pro284
Developer tool
Agent · CLI · IDE · browser
Local Diodos agent
Local-first masking
Egress gateway
Signed policy & rules
Frontier model
Masked payload

AI egress path: plaintext is masked on the device before it leaves.

The risk

Your team is already using AI. The risk is what you can't see.

Shadow AI adoption moves faster than governance. Diodos gives you the egress layer to see it, control it, and prove it.

01

Customer data pasted into AI tools

Names, emails, contracts, and support tickets flow into chat windows with no record of what left.

02

Secrets and credentials sent to LLMs

API keys, tokens, and database URLs end up in prompts, then in provider logs you don't control.

03

Dev tools using AI with no central view

Claude Code, Cursor, Codex, and CLIs call models directly, outside any security review.

04

Cost blind spots

Subscriptions and API keys spread across teams with no per-user, per-tool, or per-model breakdown.

05

No audit trail

When security asks "what did we send to which model?", there is no answer to give.

06

Shadow AI without governance

Adoption happens from the bottom up while leadership owns the risk, with no policy in between.

Local-first masking

Frontier models get the context. Not your raw customer data.

Paste a log, a stack trace, or a ticket. Diodos detects the sensitive values and replaces them with stable placeholders on the device, before any plaintext leaves. The model still gets the context it needs.

What the developer pastes
Fix this NullPointerException in OrderService: ERROR OrderService: charge failed for customer Ayşe Yılmaz phone=+90 532 123 45 67 tckn=12345678901 card=4111 1111 1111 1111 at OrderService.charge(OrderService.java:142)
What the model receives
Fix this NullPointerException in OrderService: ERROR OrderService: charge failed for customer [PERSON_1] phone=[PHONE_1] tckn=[NATIONAL_ID_1] card=[CARD_1] at OrderService.charge(OrderService.java:142)
Sensitive valuePlaceholder
Customer data does not need to reach frontier models in raw form.
  • Masking runs locally on the agent, not on a server.
  • Each finding is matched to a signed masking policy.
  • Values become typed placeholders like [PHONE_1] or [NATIONAL_ID_1].
  • The original-to-placeholder mapping stays on the device.
Capabilities

One governed path for every AI surface.

From the local agent to the control plane: the controls security, platform, and finance teams actually ask for.

Local-first masking

The agent masks policy-matched secrets and PII on the device, before AI traffic leaves the local environment.

Managed egress gateway

Route AI traffic from tools, agents, CLIs, desktop apps, browser AI surfaces, and provider APIs through one governed path.

Signed policy bundles

Masking and egress rules ship as signed bundles; clients sync and verify them before enforcing.

Granular egress rules

Route, mask, or block by host, path, provider, and wire format. Unsupported surfaces report instead of silently bypassing.

Cost monitoring & limits

See estimated cost by user, client, tool, provider, and model. Set rolling-window limits that block before the provider is hit.

Anomaly detection

Catch high-risk requests, finding bursts, and high estimated cost as they happen.

Audit logs & exports

Audit-ready event history with CSV and SIEM-friendly export for security review.

RBAC & tenant isolation

Permission-checked handlers with Postgres row-level security enforced at the database, not just the API.

Realtime control plane

Policy updates, token rotation, quarantine, and remote uninstall over a typed allowlist that cannot carry arbitrary commands.

Coverage

Works with the AI your teams already use.

Built-in support for major providers, web AI surfaces, and developer agents, plus custom egress rules for everything else.

Web AI surfaces

  • chatgpt.com
  • claude.ai
  • gemini.google.com

Provider APIs

  • OpenAI
  • Anthropic
  • Google
  • Azure OpenAI
  • OpenRouter
  • Mistral
  • Groq
  • + more

Developer agents & tools

  • Claude Code
  • Codex
  • Cursor
  • opencode
  • Antigravity

Each tool is governed through its CLI/agent and settings or OS-proxy surface; coverage depth depends on that surface.

Using a different provider or in-house tool?Define your own egress rules by host, path, provider, and wire format, so each team can govern the providers and tools it actually uses without rewriting anything.
Cost control

See every dollar. Stop runaway spend before it happens.

Diodos stamps each request with tenant-scoped model pricing, so finance and platform teams get an honest, provider-independent cost view, plus hard limits when they need them.

  • Cost broken down by user, client, tool, provider, and model
  • Honest estimates from a per-model pricing catalog
  • Unknown models cost $0 until priced, so numbers are never fabricated
  • High-cost anomalies flag runaway usage early

Rolling-window cost limits

Enforced
scope5h7dmo
All clientsanthropic
$100$500$2,000
macbook-pro-alexgpt-5.5
$20$80$300
ci-runner-02all egress
$15$60$200

Set limits per client, egress rule, provider, or model. When a 5-hour, 7-day, or monthly limit is reached, Diodos blocks the request before it reaches the provider. Sensible defaults apply until you tune them.

Enterprise-ready

Built for enterprise rollout, not just a local demo.

System install, fleet control, and deployment paths that survive real environments.

LDAP / Active Directory auth

Authenticate users against your existing LDAP or Active Directory and map directory groups to roles.

Chains to your existing proxy

Already run a corporate proxy? Diodos chains to it upstream via PAC or HTTP/HTTPS instead of replacing it.

System install for managed fleets

Admin/root or MDM install with protected service, config, state, log, and CA paths.

OS / PAC egress capture

Signed host/path/provider rules with GNOME/KDE, networksetup, and WinINET backends.

Remote uninstall & offboarding

Decommission agents from the control plane when a device or a person leaves.

Tenant isolation by Postgres RLS

Cross-tenant leaks are tested at the database level, with soft-delete-aware policies.

RBAC & permission checks

Role-based access on every handler, with audit on sensitive actions.

SIEM & audit export

Stream audit events to your SIEM and export findings and costs as CSV.

The product

Show, don't tell.

The Diodos control plane gives security, engineering, and finance one view of governed AI usage.

Product preview

Overview

Diodos control plane

Live24h
Requests today
1,284
AI cost today
$42.18
Masked findings
318
High-risk requests
7
Online clients
12
Active anomalies
3
Request & masking trend
RequestsMasked
Top models
  • claude-sonnet-4-6612
  • gpt-5.5388
  • gemini-2.5-pro284
Diodos overview dashboard showing AI requests today, AI cost today, masked findings, high-risk requests, online clients, and a request and masking trend chart.
Product preview

Findings

FindingSeverityActionTime
EMAILClaude Code
HighMasked2m
SECRETCursor
HighBlocked6m
CARDChatGPT
HighMasked9m
PHONECodex
MediumMasked14m
IBANGemini
MediumMasked21m
Diodos findings page listing masked PII and secrets by data type (email, secret, credit card, phone) with severity and action.
Product preview

Costs

ModelTokensCostSource
claude-sonnet-4-6anthropic
4.2k$0.182Auto
gpt-5.5openai
2.8k$0.094Auto
gemini-2.5-progoogle
6.1k$0.058Estimated
claude-opus-4-1anthropic
1.4k$0.210Auto
Diodos costs page breaking down LLM cost by model and provider with token usage and pricing source.
Product preview

Clients

ClientStatusRequestsCost
macbook-pro-alexAgent 1.0.0
Online412$14.20
ws-eng-04Agent 1.0.0
Online388$11.80
ci-runner-02Agent 1.0.0
Offline156$4.10
mbp-design-02Agent 0.9.8
Online240$7.60
Diodos clients page listing enrolled devices with operating system, online and offline status, agent version, requests, and cost.
Deployment

Try Diodos locally in about 5 minutes.

One compose stack for a local trial. Helm charts, GHCR images, and OpenShift for production.

Docker Compose

~5 min
1Clone and start the stack
bash
git clone https://github.com/epimathea/diodos.git
cd diodos
cp .env.example .env
docker compose up -d
2Open the dashboard
bash
# macOS / Linux / Windows
open http://127.0.0.1:17630/en

.env.example ships dev-only, clearly labelled secrets. Copy it to .env and rotate them before any non-local use. Past a loopback trial, also set DIODOS_API_PUBLIC_URL and DIODOS_WEB_PUBLIC_URL to the browser-visible origins; the API uses DIODOS_WEB_PUBLIC_URL as the exact CORS origin.

Production paths

Helm charts, GHCR release images, Kubernetes, and OpenShift for production, backed by external Postgres 17+ and S3-compatible object storage (MinIO or AWS S3).

Read the deployment docs
Before / after

Unmanaged AI usage vs. Diodos-governed egress

Same tools, same models. A completely different risk posture.

Data sent to the model
Unmanaged AI usageEmployees decide what to paste.
Diodos-governed egressSensitive values are masked on the device first.
Visibility
Unmanaged AI usageNo record of who sent what.
Diodos-governed egressEvery request, finding, and cost is logged.
Cost control
Unmanaged AI usageThe bill arrives after the spend.
Diodos-governed egressLimits block requests before the provider is hit.
Auditability
Unmanaged AI usageNothing to show security.
Diodos-governed egressAudit-ready logs with CSV and SIEM export.
Device rollout
Unmanaged AI usagePer-person, manual, unmanaged.
Diodos-governed egressSystem install, MDM-friendly, fleet-managed.
Tool coverage
Unmanaged AI usageEach tool calls models directly.
Diodos-governed egressTools, agents, CLIs, and APIs share one path.
Enterprise deployment
Unmanaged AI usageLocal scripts and good intentions.
Diodos-governed egressKubernetes, OpenShift, and Helm.
Who it's for

Teams adopting AI without giving up control.

Enterprise security teams

Govern AI egress and prove what left the building.

Platform & infrastructure teams

One managed path for every AI tool on the fleet.

AI governance committees

Turn AI policy into enforced, audited controls.

CTO & CIO organizations

Adopt frontier models without expanding your attack surface.

Finance & FinOps teams

Attribute and cap LLM spend by team, tool, and model.

Regulated & high-trust businesses

Keep customer data out of raw prompts.

FAQ

Questions security and engineering ask first.

What is AI DLP?

AI data loss prevention (AI DLP) detects and controls sensitive data such as PII, secrets, source code, and credentials before it is sent to AI tools and large language models. Diodos applies DLP at the AI egress layer, masking values on the device before plaintext leaves your environment.

How does Diodos protect customer data sent to LLMs?

A local agent detects policy-matched sensitive values and replaces them with stable placeholders before the request leaves the device. Frontier models receive the context they need without the raw data, and the original-to-placeholder mapping stays local.

Does Diodos replace ChatGPT, Claude, or Cursor?

No. Diodos sits between your tools and the providers. You keep using ChatGPT, Claude, Cursor, and your CLIs, and Diodos governs the egress, masking, logging, and cost along the way.

Does Diodos support Claude Code, Codex, and Cursor?

Yes. Diodos routes supported developer tools such as Claude Code, Codex, and Cursor through the local agent by reconciling their settings files or capturing proxy and CA trust from the OS/session environment (or OS/PAC), alongside provider APIs and selected web AI surfaces.

Can Diodos run on Linux, macOS, and Windows?

Yes. The agent is native to Linux, macOS, and Windows, with system install and OS/PAC egress capture on supported backends.

Can Diodos be deployed on Kubernetes or OpenShift?

Yes. Diodos ships Docker Compose for local trials, plus Helm charts and GHCR images for Kubernetes and OpenShift, using external Postgres 17+ and S3-compatible storage (MinIO or AWS S3) in production.

Does Diodos support LDAP or Active Directory?

Yes. Diodos can authenticate users against your existing LDAP or Active Directory, so enterprise teams keep their identity source of truth and map directory groups to roles.

We already run a corporate proxy. Does Diodos work with it?

Yes. Diodos does not have to replace your network egress. It can chain to your existing corporate proxy upstream via PAC or HTTP/HTTPS, so AI traffic still flows through your current controls.

Is Diodos free?

Every feature available in Diodos today stays free forever. Paid enterprise support, managed deployment, or hosting may be offered separately.

Does Diodos provide audit logs and cost monitoring?

Yes. Diodos records an audit-ready event history, stamps each request with model-based cost, and flags anomalies as they happen, with CSV and SIEM-friendly export.

Does Diodos send raw prompts to the server?

Masking happens on the device before plaintext leaves. Diodos is designed so the control plane works with masked, policy-matched data rather than your raw customer content.

How is Diodos different from a generic proxy?

A proxy moves traffic; Diodos understands it. It adds local-first masking, signed egress policy, per-model cost, anomaly detection, RBAC, tenant isolation, and a typed realtime control plane that never executes arbitrary commands.

Give your teams AI freedom without losing control of sensitive data.

Start with a 5-minute local trial. The docs and one compose command are all you need.

Current features free forever