Menu
Blog How it works Use Cases
Products
agentsh
Open-source runtime for AI agent security
Beacon
AI endpoint visibility and control
Watchtower
Enterprise control plane for agentsh and Beacon
Request Access
Supervised Endpoint AI Security

Guardrails for AI on
employee endpoints.

Supervised does not mean safe. AI tools on employee endpoints connect anywhere, run commands, and touch files with real credentials. Beacon gives you visibility and control — without slowing anyone down.

  • See everything Every AI-triggered connection, command, and file change, traced to the app that caused it.
  • Control what matters Allow, prompt, block, or redirect by destination, command, or tool.
  • Human approvals that scale Approve risky operations in real time with full context.
  • Prove it happened Audit trails, SIEM export, and rapid response when you need it.
Request Access How it works
CG
ChatGPT api.openai.com Allowed
Cu
Cursor registry.npmjs.org Redirected
Cl
Claude Desktop unknown-mcp.io Blocked
CC
Claude Code rm -rf ./build Prompted
What Beacon is

Beacon secures supervised AI workloads on endpoints.

It monitors AI applications directly on macOS and Windows and enforces policy at the moment actions execute. No changes to the AI apps required.

Visibility

See everything AI touches.

Live Activity Feed
NET Claude Desktop → api.anthropic.com Allowed
CMD Cursor → npm install lodash Prompted
FILE Claude Code → wrote src/auth.ts Logged
NET ChatGPT → unknown-api.xyz Blocked
NET Cursor → api.openai.com Allowed

Every network connection, every command, every file operation.

Beacon captures the full picture — not just what happened, but which AI tool caused it and why.

Traced back to the AI tool that triggered it.

No more guessing. Every action is attributed to the originating application with full process-chain context.

Fleet-wide visibility for security and IT.

See what AI tools are doing across every endpoint in your organization, from a single pane.

Network controls

Control where AI tools can connect.

Destination Policy — Cursor
api.anthropic.com
Allow
api.openai.com
Allow
*.cursor.sh
Allow
registry.npmjs.org
Prompt
* (all other)
Block

Approved destinations only

Allow required APIs. Block everything else by default.

Block unknown endpoints

New MCP servers and suspicious domains do not get through.

Alert on anomalies

Review, approve, or block when new destinations appear.

Per-app policies Wildcard support Real-time enforcement
Action approval

Approve risky operations in real time.

Beacon: Action Required

An AI tool wants to run a command
Process chain
Cursor node bash rm -rf node_modules
Allow
Deny

Full context in every prompt

AI tool, process chain, exact action.

Allow once or always

Create durable rules as teams work.

Non-intrusive

Prompts appear only when policy requires it.

30s timeout Decision caching Audit logged
Incident response

When something goes wrong, act fast.

Alert: Anomaly detected
Suspicious pattern
Claude Desktop attempting bulk file access
47 file reads in 3 seconds — unusual for this app
Action taken Blocked
Files in quarantine 12
Recovery window 23h 41m

Real-time alerts

Suspicious patterns across supervised endpoints, flagged immediately.

Automatic policy enforcement

Block the offending action on the endpoint and log the full context for investigation.

Recovery guardrails

File quarantine so mistakes are reversible.

Instant alerts Policy enforcement File quarantine
Platform

Beacon fits into a bigger execution-layer system.

Endpoints

Beacon

Protects supervised AI on employee endpoints — macOS and Windows. Visibility, policy, and human-in-the-loop approvals.

You are here
Agents

AgentSH

Protects unsupervised AI agents in CI, containers, and dev environments. Open-source runtime security.

Learn about AgentSH →
Control plane

Watchtower

Governs both with centralized policy, approvals routing, and a kill switch across your entire AI fleet.

Learn about Watchtower →
All three products share a unified policy engine and single audit trail
See use case: Supervised copilots on endpoints Learn about Execution-Layer Security
Early Access

Start free. Scale when you're ready.

Full protection on day one. Upgrade as your needs grow.

Free

For individuals
  • 1 endpoint
  • Full monitoring and control
  • Local policy management
  • Prompt-based approvals
  • 24-hour local history
  • File quarantine and recovery
Join Early Access

Team

For small teams (up to 5 endpoints)
  • Up to 5 endpoints
  • Everything in Free
  • Shared cloud policy
  • 7-day event history
  • Team dashboard
  • Fleet-wide visibility
Join Early Access

Enterprise

For organizations
  • Unlimited endpoints
  • Everything in Team
  • Multiple policies and endpoint groups
  • 30/90/365-day retention
  • SIEM integration (Splunk, Sentinel)
  • SSO and role-based access
  • Dedicated support
Join Early Access
FAQ

Common questions.

What AI tools does Beacon monitor?

Beacon supports Claude Desktop, ChatGPT Desktop, Cursor, and Claude Code. Enterprise customers can add custom application definitions.

How is this different from EDR?

Beacon understands which AI application triggered each action, so policies map to AI tool behavior. It can also steer AI toward approved workflows instead of just blocking.

How does Beacon monitor AI apps?

Beacon runs as a lightweight agent on macOS and Windows. It observes AI-triggered connections, commands, and file operations and traces actions back to the originating AI tool.

Get early access to Beacon.

We're rolling out Beacon to teams who want visibility and control over AI tools on their endpoints. Tell us about your setup and we'll be in touch.

We'll reach out within a few business days.