AI DLP and governance for every agent, CLI, and developer tool.
Diodos routes AI egress through a managed gateway, masks sensitive data locally before plaintext leaves the device, and gives security, engineering, and finance teams audit-ready visibility into usage, findings, cost, and anomalies.
Every feature available in Diodos today stays free forever.
- Local-first masking
- AI agents & LLM providers
- LDAP / Active Directory
- Proxy chaining (PAC / HTTP)
- LLM cost limits
- Kubernetes · OpenShift · Helm
Overview
Diodos control plane
- claude-sonnet-4-6612
- gpt-5.5388
- gemini-2.5-pro284
AI egress path: plaintext is masked on the device before it leaves.
Your team is already using AI. The risk is what you can't see.
Shadow AI adoption moves faster than governance. Diodos gives you the egress layer to see it, control it, and prove it.
Customer data pasted into AI tools
Names, emails, contracts, and support tickets flow into chat windows with no record of what left.
Secrets and credentials sent to LLMs
API keys, tokens, and database URLs end up in prompts, then in provider logs you don't control.
Dev tools using AI with no central view
Claude Code, Cursor, Codex, and CLIs call models directly, outside any security review.
Cost blind spots
Subscriptions and API keys spread across teams with no per-user, per-tool, or per-model breakdown.
No audit trail
When security asks "what did we send to which model?", there is no answer to give.
Shadow AI without governance
Adoption happens from the bottom up while leadership owns the risk, with no policy in between.
Frontier models get the context. Not your raw customer data.
Paste a log, a stack trace, or a ticket. Diodos detects the sensitive values and replaces them with stable placeholders on the device, before any plaintext leaves. The model still gets the context it needs.
- Masking runs locally on the agent, not on a server.
- Each finding is matched to a signed masking policy.
- Values become typed placeholders like [PHONE_1] or [NATIONAL_ID_1].
- The original-to-placeholder mapping stays on the device.
One governed path for every AI surface.
From the local agent to the control plane: the controls security, platform, and finance teams actually ask for.
Local-first masking
The agent masks policy-matched secrets and PII on the device, before AI traffic leaves the local environment.
Managed egress gateway
Route AI traffic from tools, agents, CLIs, desktop apps, browser AI surfaces, and provider APIs through one governed path.
Signed policy bundles
Masking and egress rules ship as signed bundles; clients sync and verify them before enforcing.
Granular egress rules
Route, mask, or block by host, path, provider, and wire format. Unsupported surfaces report instead of silently bypassing.
Cost monitoring & limits
See estimated cost by user, client, tool, provider, and model. Set rolling-window limits that block before the provider is hit.
Anomaly detection
Catch high-risk requests, finding bursts, and high estimated cost as they happen.
Audit logs & exports
Audit-ready event history with CSV and SIEM-friendly export for security review.
RBAC & tenant isolation
Permission-checked handlers with Postgres row-level security enforced at the database, not just the API.
Realtime control plane
Policy updates, token rotation, quarantine, and remote uninstall over a typed allowlist that cannot carry arbitrary commands.
Works with the AI your teams already use.
Built-in support for major providers, web AI surfaces, and developer agents, plus custom egress rules for everything else.
Web AI surfaces
- chatgpt.com
- claude.ai
- gemini.google.com
Provider APIs
- OpenAI
- Anthropic
- Azure OpenAI
- OpenRouter
- Mistral
- Groq
- + more
Developer agents & tools
- Claude Code
- Codex
- Cursor
- opencode
- Antigravity
Each tool is governed through its CLI/agent and settings or OS-proxy surface; coverage depth depends on that surface.
See every dollar. Stop runaway spend before it happens.
Diodos stamps each request with tenant-scoped model pricing, so finance and platform teams get an honest, provider-independent cost view, plus hard limits when they need them.
- Cost broken down by user, client, tool, provider, and model
- Honest estimates from a per-model pricing catalog
- Unknown models cost $0 until priced, so numbers are never fabricated
- High-cost anomalies flag runaway usage early
Rolling-window cost limits
Enforced| scope | 5h | 7d | mo |
|---|---|---|---|
All clientsanthropic | $100 | $500 | $2,000 |
macbook-pro-alexgpt-5.5 | $20 | $80 | $300 |
ci-runner-02all egress | $15 | $60 | $200 |
Set limits per client, egress rule, provider, or model. When a 5-hour, 7-day, or monthly limit is reached, Diodos blocks the request before it reaches the provider. Sensible defaults apply until you tune them.
Built for enterprise rollout, not just a local demo.
System install, fleet control, and deployment paths that survive real environments.
LDAP / Active Directory auth
Authenticate users against your existing LDAP or Active Directory and map directory groups to roles.
Chains to your existing proxy
Already run a corporate proxy? Diodos chains to it upstream via PAC or HTTP/HTTPS instead of replacing it.
System install for managed fleets
Admin/root or MDM install with protected service, config, state, log, and CA paths.
OS / PAC egress capture
Signed host/path/provider rules with GNOME/KDE, networksetup, and WinINET backends.
Remote uninstall & offboarding
Decommission agents from the control plane when a device or a person leaves.
Tenant isolation by Postgres RLS
Cross-tenant leaks are tested at the database level, with soft-delete-aware policies.
RBAC & permission checks
Role-based access on every handler, with audit on sensitive actions.
SIEM & audit export
Stream audit events to your SIEM and export findings and costs as CSV.
Show, don't tell.
The Diodos control plane gives security, engineering, and finance one view of governed AI usage.
Overview
Diodos control plane
- claude-sonnet-4-6612
- gpt-5.5388
- gemini-2.5-pro284
Findings
| Finding | Severity | Action | Time |
|---|---|---|---|
EMAILClaude Code | High | Masked | 2m |
SECRETCursor | High | Blocked | 6m |
CARDChatGPT | High | Masked | 9m |
PHONECodex | Medium | Masked | 14m |
IBANGemini | Medium | Masked | 21m |
Costs
| Model | Tokens | Cost | Source |
|---|---|---|---|
claude-sonnet-4-6anthropic | 4.2k | $0.182 | Auto |
gpt-5.5openai | 2.8k | $0.094 | Auto |
gemini-2.5-progoogle | 6.1k | $0.058 | Estimated |
claude-opus-4-1anthropic | 1.4k | $0.210 | Auto |
Clients
| Client | Status | Requests | Cost |
|---|---|---|---|
macbook-pro-alexAgent 1.0.0 | Online | 412 | $14.20 |
ws-eng-04Agent 1.0.0 | Online | 388 | $11.80 |
ci-runner-02Agent 1.0.0 | Offline | 156 | $4.10 |
mbp-design-02Agent 0.9.8 | Online | 240 | $7.60 |
Try Diodos locally in about 5 minutes.
One compose stack for a local trial. Helm charts, GHCR images, and OpenShift for production.
Docker Compose
~5 mingit clone https://github.com/epimathea/diodos.git
cd diodos
cp .env.example .env
docker compose up -d# macOS / Linux / Windows
open http://127.0.0.1:17630/en.env.example ships dev-only, clearly labelled secrets. Copy it to .env and rotate them before any non-local use. Past a loopback trial, also set DIODOS_API_PUBLIC_URL and DIODOS_WEB_PUBLIC_URL to the browser-visible origins; the API uses DIODOS_WEB_PUBLIC_URL as the exact CORS origin.
Production paths
Helm charts, GHCR release images, Kubernetes, and OpenShift for production, backed by external Postgres 17+ and S3-compatible object storage (MinIO or AWS S3).
Unmanaged AI usage vs. Diodos-governed egress
Same tools, same models. A completely different risk posture.
Teams adopting AI without giving up control.
Enterprise security teams
Govern AI egress and prove what left the building.
Platform & infrastructure teams
One managed path for every AI tool on the fleet.
AI governance committees
Turn AI policy into enforced, audited controls.
CTO & CIO organizations
Adopt frontier models without expanding your attack surface.
Finance & FinOps teams
Attribute and cap LLM spend by team, tool, and model.
Regulated & high-trust businesses
Keep customer data out of raw prompts.
Questions security and engineering ask first.
What is AI DLP?
AI data loss prevention (AI DLP) detects and controls sensitive data such as PII, secrets, source code, and credentials before it is sent to AI tools and large language models. Diodos applies DLP at the AI egress layer, masking values on the device before plaintext leaves your environment.
How does Diodos protect customer data sent to LLMs?
A local agent detects policy-matched sensitive values and replaces them with stable placeholders before the request leaves the device. Frontier models receive the context they need without the raw data, and the original-to-placeholder mapping stays local.
Does Diodos replace ChatGPT, Claude, or Cursor?
No. Diodos sits between your tools and the providers. You keep using ChatGPT, Claude, Cursor, and your CLIs, and Diodos governs the egress, masking, logging, and cost along the way.
Does Diodos support Claude Code, Codex, and Cursor?
Yes. Diodos routes supported developer tools such as Claude Code, Codex, and Cursor through the local agent by reconciling their settings files or capturing proxy and CA trust from the OS/session environment (or OS/PAC), alongside provider APIs and selected web AI surfaces.
Can Diodos run on Linux, macOS, and Windows?
Yes. The agent is native to Linux, macOS, and Windows, with system install and OS/PAC egress capture on supported backends.
Can Diodos be deployed on Kubernetes or OpenShift?
Yes. Diodos ships Docker Compose for local trials, plus Helm charts and GHCR images for Kubernetes and OpenShift, using external Postgres 17+ and S3-compatible storage (MinIO or AWS S3) in production.
Does Diodos support LDAP or Active Directory?
Yes. Diodos can authenticate users against your existing LDAP or Active Directory, so enterprise teams keep their identity source of truth and map directory groups to roles.
We already run a corporate proxy. Does Diodos work with it?
Yes. Diodos does not have to replace your network egress. It can chain to your existing corporate proxy upstream via PAC or HTTP/HTTPS, so AI traffic still flows through your current controls.
Is Diodos free?
Every feature available in Diodos today stays free forever. Paid enterprise support, managed deployment, or hosting may be offered separately.
Does Diodos provide audit logs and cost monitoring?
Yes. Diodos records an audit-ready event history, stamps each request with model-based cost, and flags anomalies as they happen, with CSV and SIEM-friendly export.
Does Diodos send raw prompts to the server?
Masking happens on the device before plaintext leaves. Diodos is designed so the control plane works with masked, policy-matched data rather than your raw customer content.
How is Diodos different from a generic proxy?
A proxy moves traffic; Diodos understands it. It adds local-first masking, signed egress policy, per-model cost, anomaly detection, RBAC, tenant isolation, and a typed realtime control plane that never executes arbitrary commands.
Give your teams AI freedom without losing control of sensitive data.
Start with a 5-minute local trial. The docs and one compose command are all you need.
Current features free forever