Baseline provider
Deterministic secrets and baseline PII checks, normalized findings, safe failure behavior, and conformance fixtures for every deployment.
Onterix Protect
Access to a source is not permission to send its content to every model, recipient, artifact, or destination. Onterix is designed to make that downstream boundary visible and enforceable.
Compose, don’t replace
Onterix owns when inspection must occur and how findings meet identity, client, source, purpose, action, and destination policy. Your enterprise or approved vendors can own how sensitive content is detected and transformed.
Deterministic secrets and baseline PII checks, normalized findings, safe failure behavior, and conformance fixtures for every deployment.
Compose with Purview, cloud DLP, proprietary classifiers, tokenization services, or other approved protection endpoints.
Run signed modules as local services or sandboxed artifacts—without connector credentials, unrestricted egress, or final authorization power.
Mandatory boundaries
Different destinations and purposes create different risk. The same source content may be safe for internal retrieval, prohibited for an external model, and permitted again after a governed transformation.
Inspect managed prompts and uploads before they become agent context.
Combine source-native labels, ACLs, purpose, and destination—not just content patterns.
Evaluate the fully composed model request after retrieval, instructions, and prior steps.
Inspect proposed tool arguments and normalize sensitive fields before execution.
Seal protection provider, ruleset, and transformation versions into the approval.
Recheck generated files, messages, email recipients, downloads, and external delivery.
Policy outcomes
Protection findings become facts for policy. The runtime can choose the least risky path that still preserves useful work.
Coverage boundary
Onterix can govern only data and actions that pass through an Onterix runtime, ingress, model route, artifact path, or integrated enterprise control.
| Flow | Coverage | Reason |
|---|---|---|
| Agent reads Salesforce through Onterix | In boundary | Identity, source, destination, content, and result are visible to the runtime. |
| Onterix sends retrieved context to a model | In boundary | The composed request passes through the configured model route and protection chain. |
| User uploads a file directly to unmanaged AI | Outside by default | Requires vendor policy, CASB, endpoint, browser, or another integrated enterprise control. |
| Agent calls a connector outside Onterix | Outside | No Onterix-controlled enforcement point observes the transaction. |
Bring your controls
Help us validate typed extension contracts against real DLP, classification, model-routing, and customer-local sanitization requirements.