Skip to main content
Oriant is designed for AI-tool discovery and enforcement, not data-loss prevention. The Agent is a tunnel-only HTTPS proxy: it reads the destination from the CONNECT request, but does not decrypt TLS, read prompts, inspect responses, or store content.

Data sent to Oriant

For a catalogued host, the Agent sends an aggregated rollup request to the API. The API uses the host to resolve the provider, then stores the provider slug in Postgres. A rollup can include:
  • the stamped work identity
  • the matched AI provider
  • the originating app or process when macOS can resolve it
  • a time bucket, connection count, byte totals, and allowed/blocked action
The raw CONNECT host is sent to the API for that catalog lookup; the stored rollup is keyed by provider, identity, app, and time bucket rather than by URL. The Agent also scans local device evidence on a schedule. The shippable report can contain installed AI-agent names, MCP server declarations, file paths, and credential variable names. It never sends credential values or repository contents. Repository inventory is local-only, although a matched configuration or .env file path can appear as the location of a detected variable.

Data Oriant does not collect

Oriant never collects:
  • prompt or response content
  • request or response bodies
  • URL paths or query strings
  • raw headers
  • per-request activity logs
Off-catalog traffic stays on the machine unless it crosses the threshold of the local, centrally managed candidate-detection rules. Candidate reports contain only a candidate host, app name when available, coarse time buckets, counts, byte totals, reason codes, and the rule version.

Coverage boundary

Oriant does not provide DLP, prompt inspection, content classification, or traffic visibility for applications that bypass the macOS system proxy. The current endpoint Agent supports macOS on Apple silicon and Intel.
Last modified on July 18, 2026