Skip to content

SailPoint Entro WebGuard

Extension for AI Data Leak Prevention

Overview

SailPoint Entro WebGuard is a Chrome extension that prevents sensitive data from being pasted into AI assistants like ChatGPT.

It scans every prompt before it leaves the browser. It then enforces your policy in real time.

Why Use WebGuard

  • Prevent secret leakage to AI tools.

    • API keys, tokens, private keys, JWTs, and certificates.
  • Protect PII in prompts.

    • Emails, phone numbers, SSNs, credit cards, IP addresses, and street addresses.
  • Keep a full audit trail.

    • Findings, enforcement action, and user bypass decisions.
  • Stay frictionless on clean prompts.

    • No warnings when nothing sensitive is found.

How WebGuard Works

WebGuard uses a two-tier detection engine.

Tier 1 detection (local)

Tier 1 runs fully in the browser. It is instant.

It detects:

  • Secrets using Shannon entropy and pattern matching.

  • PII using regex-based rules with validation.

Note

Tier 1 does not send data to SailPoint Entro. Everything runs locally in the browser.

Tier 2 detection (SailPoint Entro API validation)

Tier 2 requires an API key.

When the user sends a prompt, Tier 1 findings are validated by the SailPoint Entro scan API. Tier 2 can also detect additional secrets that Tier 1 missed.

Results are cached for 30 seconds.

Note

If the SailPoint Entro API is unavailable, WebGuard falls back to Tier 1 only.

Enforcement flow

WebGuard enforces policy at two points:

  • While typing: real-time scanning with a 600ms debounce.

  • On Send: intercepts the outbound request and scans the full prompt.

    • This includes text extracted from attached files.

What WebGuard Detects

Secrets (Tier 1 - local)

Tier 1 runs entirely in the browser as a fast first pass. No data leaves the browser.

It uses Shannon entropy analysis to flag high-randomness strings as potential secrets.

Any string with:

  • Shannon entropy >= 4.2 bits/char

  • Length >= 20 chars

It is flagged as a possible secret.

Tier 1 also catches a small set of unambiguous patterns locally:

  • Private keys (PEM) (Critical).

  • Certificates (PEM) (High).

  • JSON Web Tokens (JWT) (High).

  • High-entropy tokens (High).

This provides immediate feedback as the user types, with zero latency.

Secrets (Tier 2 - SailPoint Entro API)

Tier 2 requires an API key.

When the user sends a prompt, Tier 1 findings are validated by the SailPoint Entro scan API. Tier 2:

  • Confirms whether a high-entropy token is actually a secret.

  • Classifies it into a specific type.

    • Example: GitHub token, AWS access key, Stripe key.
  • Can detect additional secrets that Tier 1 missed.

Examples include:

  • AWS access keys and secret keys.

  • GitHub tokens.

  • Slack tokens.

  • Stripe keys.

  • SendGrid API keys.

And many more.

Tier 2 results are cached for 30 seconds. This reduces redundant calls. Validation often completes before the user clicks Send.

If the SailPoint Entro API is unavailable, WebGuard falls back to Tier 1 local detection only.

PII (optional)

PII detection is optional. It is disabled by default. You can toggle it on in Settings.

PII types include:

  • Email address (Medium).

    • Validation: pattern match.
  • US phone number (Medium).

    • Validation: pattern match.
  • International phone number (Medium).

    • Validation: pattern match.
  • Social Security number (SSN) (Critical).

    • Validation: pattern match.
  • Credit card (Critical).

    • Visa, Mastercard, Amex, Discover.

    • Validated with the Luhn algorithm.

  • IPv4 address (Low).

    • Excludes private and reserved ranges.
  • Street address (Medium).

    • Validation: pattern match.

Policy Actions

Each detection type can be configured with one of these actions:

  • Block

    • Stops the request.

    • Shows a block modal.

    • Redacts the sensitive content in the input field.

  • Prevent

    • Shows a warning modal with findings.

    • User can cancel or proceed anyway.

    • User choice is logged.

  • Audit

    • Allows the request.

    • Logs the finding locally.

    • Optionally forwards the event to your audit endpoint.

Default actions:

  • Secrets: Prevent

  • PII: Prevent

Audit Logging

WebGuard logs every scan locally. The popup shows the last 50 events.

Each event can include:

  • Timestamp.

  • Action taken: block, warn, audit, or allow.

  • Prompt length.

  • Findings summary.

  • Whether the user bypassed a warning.

Forward audit events (optional)

You can forward events to an external endpoint (for example, a SIEM).

You configure:

  • API Endpoint URL: where to POST audit events.

  • Audit Payload Template: JSON body with placeholders.

Supported placeholders:

  • {{source}}: always entro-webguard.

  • {{version}}: extension version.

  • {{timestamp}}: ISO 8601 timestamp.

  • {{action}}: block, warn, audit, or allow.

  • {{userProceeded}}: boolean.

  • {{interceptedUrl}}: intercepted ChatGPT API request URL.

  • {{pageUrl}}: browser tab URL.

  • {{promptLength}}: character count.

  • {{promptText}}: prompt text with secrets and PII redacted.

  • {{findings}}: JSON array of redacted findings.

Note

If either the endpoint URL or the payload template is empty, remote forwarding is disabled. Local logging still works.

Installation

61KB
entro-webguard.zip
archive

Load the extension

  1. Download the extension ZIP and unzip it.

  2. Open chrome://extensions/.

  3. Turn on Developer mode.

  4. Click Load unpacked.

  5. Select the unzipped dist folder.

Pin WebGuard

Pin the WebGuard extension to your Chrome toolbar. This makes it easier to open the popup and Settings.

Configuration

Open the extension popup. Click the gear icon to open Settings.

General

  • Enable DLP Protection (default: On)

    • Master toggle.

    • When off, prompts pass through without scanning.

  • Enable PII Detection (default: Off)

    • Enables scanning for PII patterns listed above.

Tier 2: SailPoint Entro Validation API (optional)

Tier 2 provides remote validation and accurate secret classification. It requires a SailPoint Entro REST API key.

  1. Set API Base URL

    Set API Base URL to your tenant URL. Default is:

    https://api.entro.security
    
  2. Generate an API key

    In SailPoint Entro, go to Settings → API Keys. Generate a new REST API key.

    Direct link:

    https://app.entro.security/admin/settings?tab=api-keys
    
  3. Test connection and save

    1. Paste the key into API Key.

    2. Click Test Connection.

    3. Confirm the test returns a request ID.

    4. Click Save.

Detection policies

You can set an action per detection type. Bulk actions let you set all Secrets or all PII types at once.

Recommended starting point:

  • Set Secrets to Prevent.

  • Set PII to Audit first.

  • Move high-confidence PII types to Prevent after tuning.

Testing the Extension

Use a known test token. Do not test with real secrets.

Note

This string is for testing only. Do not paste production credentials into any AI assistant.

Paste the following into ChatGPT:

ghp_BTqLYZxZZt41aNxfv32C4UBiUiw2R82UC7va

Expected behavior:

  • Tier 1 detects it as a high-entropy token.

  • Tier 2 (if configured) classifies it as a GitHub token.

  • Your configured policy is enforced.

Extension Popup

The popup shows:

  • Statistics.

    • Total prompts scanned.

    • Secrets found.

    • PII found.

    • Submissions blocked.

  • Recent events.

    • Last 50 events.

    • Timestamp, action, and finding badges.

Supported Platforms

WebGuard currently monitors:

  • chatgpt.com

  • chat.openai.com

File Scanning

WebGuard scans text-based files uploaded to ChatGPT. Files are scanned before upload.

Common supported types:

  • .txt, .md, .csv, .json, .xml

  • .yaml, .yml, .env

  • .pem, .key, .crt

  • .py, .js, .ts, .java, .sql

Other common code and config formats are also supported.