SENSE (Shadow Exposure & eNterprise Surveillance for AI) is an advanced AI Security Platform designed to monitor, control, and secure AI adoption within the enterprise. It features a transparent AI Gateway that intercepts and inspects LLM traffic, enforcing granular security policies for Data Loss Prevention (DLP) and Prompt Injection protection.
Note: This project was presented at BlackHat MEA 2025.
- Transparent Proxy: Routes traffic to OpenAI, Anthropic, or Local LLMs (Ollama) seamlessly.
- Policy Enforcement: Blocks malicious requests (e.g., Prompt Injection) and prevents sensitive data leaks (DLP) in real-time.
- Dynamic Configuration: Manage routes and backends directly from the UI without restarts.
- Live World Map: 3D visualization of global AI traffic and threat origins.
- Executive Dashboard: High-level metrics on AI adoption, risk posture, and policy violations.
- Thirol Timeline: Interactive timeline of blocked threats and anomalies.
- Network Intelligence: Visual graph of internal services communicating with external AI APIs.
- Visual Policy Editor: Create, edit, and toggle security rules via the Dashboard.
- Granular Control: Define rules based on JSON keys (
messages,prompt), Regex patterns, or Keywords. - AI Insights: Automated analysis of blocked requests to identify patterns and emerging threats.
- Shadow AI Detection: Passive sniffing (
libpcap) to detect unauthorized "Shadow AI" API calls. - Real-time Activity Logs: Detailed audit trail of every intercepted request and violation.
- Process Monitoring: Identify specific processes (e.g.,
ollama, python scripts) generating AI traffic.
- Go: Version 1.23+
- Node.js: Version 18+ (for Frontend)
- libpcap: Required for network capture (
brew install libpcapon macOS).
git clone https://github.com/Faux16/sense-ai.git
cd sense-ai# Backend
go mod tidy
# Frontend
cd internal/ui/frontend
npm install
cd ../../..go build -o sense cmd/sense/main.goWe provide a helper script to start both the Gateway and Monitoring Engine with the necessary permissions:
./scripts/start.shNote: This script uses sudo to enable network packet capture.
Open your browser to: http://localhost:5173/ui/
Direct your AI Client (e.g., LangChain, Python openai lib) to the Gateway:
from openai import OpenAI
client = OpenAI(
base_url="http://localhost:8081/v1", # Point to SENSE Gateway
api_key="unused"
)
response = client.chat.completions.create(
model="gpt-3.5-turbo",
messages=[{"role": "user", "content": "Hello!"}]
)cmd/sense/ # Main entry point (Engine + API)
internal/
├── gateway/ # AI Gateway Proxy implementation
├── policy/ # Policy Engine (DLP/Injection checks)
├── api/ # REST API configuration endpoints
└── ui/ # React Frontend (Dashboard & Editors)
scripts/ # Startup and testing scripts
policies.yaml # Default security policies
gateway.yaml # Routing configuration
MIT License.