Policies
Set the rules. Enforce them automatically.
Active Policies
7enforced
Total Violations
29630d
Compliance Rate
96%of users
Enforcement Types
5 Block1 Warn1 Monitor
| Policy Name | Type | Scope | Enforcement | Status | Violations (30d) | Compliance | Actions |
|---|---|---|---|---|---|---|---|
US-Only AI Providers Block model calls to providers based outside the United States | Provider Restriction | Global | Block | Active | 233 active | 93% | |
Approved Tools Only Only Cursor, GitHub Copilot, and Claude Code are permitted | Tool Allowlist | Global | Block | Active | 453 active | 87% | |
Warn on Infrastructure Cmds Warn when agents run kubectl, terraform, ssh, or docker push | Command Warning | Global | Warn | Active | 342 active | 90% | |
Block DeepSeek Models Block all models from the DeepSeek provider | Model Blocklist | Global | Block | Active | 121 active | 96% | |
No AI on PCI Repos Block AI coding tools on repositories tagged PCI-Sensitive | Repo Restriction | Tag: PCI | Block | Active | 81 active | 98% | |
Block External Data Exfil Block curl/wget to non-allowlisted domains and raw IP addresses | URL Restriction | Global | Block | Active | 183 active | 95% | |
Monitor Paste Site Access Log when agents fetch from paste sites (pastebin, gist, etc.) | URL Restriction | Global | Monitor | Active | 1561 active | 85% |
Policy Templates
Quickly create policies from proven presets
Block Non-US Providers
Ensure all AI traffic stays within US-based providers
Use TemplatePCI Repository Protection
Block AI tools on PCI-sensitive repositories
Use TemplateCommand Execution Controls
Warn or block risky shell commands from AI agents
Use Template