AI security for teams that build fast
Full visibility into every AI request your team makes. Secret detection, policy enforcement, and cost tracking — deployed in 5 minutes with an architecture that keeps all data on your infrastructure.
Why teams choose CitrusGlaze over enterprise DLP
| Capability | CitrusGlaze | Enterprise DLP |
|---|---|---|
| Deploy time | 5 minutes | 6+ months average |
| Data routing | Local-first — AI traffic inspected on your machine | Routed through vendor cloud |
| Price (50-person team) | $6,000/year | $10,000–$26,800/year |
| Secret detection | 349+ AI-specific patterns | Generic DLP rules |
| Data sovereignty | On-prem and air-gapped capable — nothing leaves your network | Requires vendor cloud tenant |
| Insider threat detection | Per-user audit trail + honey token tripwires | Domain-level allow/deny only |
| Token spend tracking | Per-model, per-user cost attribution | Not available |
| Source code | Scanner is open source (MIT) | Proprietary black box |
Verified capabilities
9 security stages, each independently verifiable. Source available upon evaluation.
Cedar Policy Engine
Declarative policies with hot-reload. Control which tools can make which API calls — per-user, per-model, per-destination.
9-Stage Inspection Pipeline
Every request passes through 9 security stages in under 10ms.
349+ Secret Detection Patterns
AWS keys, database URIs, API tokens, private keys. A continuously updated threat intelligence feed with real-time blocking and redaction.
Injection Detection
18 pattern groups plus heuristic analysis for prompt injection attempts.
Honey Token Detection
Exfiltration canary credentials that detect and block data theft attempts.
Kernel Sandbox
Seatbelt (macOS) and Landlock (Linux) kernel-level sandboxing via nono.
Sigstore Attestation
Supply chain integrity verification for every binary release.
Loop Attack Detection
5 identical tool calls in 60 seconds triggers automatic blocking.
Cost-Based Model Routing
Automatic model downgrade based on cost policies and usage caps.
9-stage inspection pipeline
Every request passes through these stages in under 10ms.
AppIdentification
Source app from SNI/process info
CedarPolicy
Evaluate action (may block/downgrade)
SecretScan
349+ secret patterns
InjectionDetect
18 pattern groups + heuristics
GuardrailCheck
Destination allowlist + content rules
LoopDetect
5 identical tool calls in 60s → block
HoneyTokenCheck
Exfiltration canary detection
ModelRouting
Cost-based model downgrade
Audit
Structured logging with timing
Frequently asked questions
How does deployment work? ▾
CitrusGlaze is a prompt firewall that runs on each developer's machine. Install takes 5 minutes — no network infrastructure changes, no VPN routing, no cloud service to configure. The inspection engine intercepts AI API calls locally and enforces policies before requests leave the machine.
Where does my data go? ▾
By default, all AI traffic inspection happens locally on each machine with logs in a local SQLite database. Enterprise customers can enable cloud sync for centralized dashboards, cross-device audit trails, and team-wide visibility — all encrypted in transit (TLS 1.3) and at rest (AES-256). You control what is synced and can delete cloud data at any time. Full data sovereignty — CitrusGlaze can run on-prem or air-gapped with no external dependencies.
Is the scanner really open source? ▾
The scanner is MIT licensed and fully open source. The proxy and enterprise features are proprietary. We believe in transparency — the scanner's 349+ detection patterns are auditable on GitHub.
What support is available? ▾
Enterprise customers get direct engineering support. You'll talk to the people who built the product, not a support tier. Email [email protected] for response within 24 hours.
How do I evaluate CitrusGlaze? ▾
Start with the free scanner (pip3 install citrusglaze-scan) to see what secrets are in your team's AI history. Then install CitrusGlaze on a few machines for a proof-of-concept. No sales call needed to get started — but we're happy to walk you through the architecture.
Do you have compliance certifications? ▾
Not yet. We don't have SOC 2 Type II or FedRAMP authorization. We're transparent about where we are: early-stage, with an open-source scanner you can audit. Every policy decision is logged as structured JSON — compliance evidence your auditors can review directly. See our /security page for our full honest assessment.
Ready to secure your team's AI traffic?
Local-first architecture. Deploy in 5 minutes.