The paste
A page of confidential Notion strategy, pasted into a personal AI assistant for a “quick summary.”
MoonGate evaluates copy, paste, upload, share, and export actions inline in the managed browser — and decides locally, on the endpoint, before the action completes. Not an alert after the data is gone. A gate in front of it.
Sensitive data rarely leaves through malware. It leaves through the browser, one unremarkable action at a time.
A page of confidential Notion strategy, pasted into a personal AI assistant for a “quick summary.”
A Drive export downloaded to the desktop — then uploaded to personal cloud storage an hour later.
An external share, guest invite, or public link created on a document that was never meant to leave.
A protected file dropped into an unapproved site’s file picker — renamed, archived, or scripted along the way.
Network DLP can’t see inside TLS. SaaS audit logs report the action after it has completed. The only place a leak can still be stopped is the endpoint where it happens.
Legacy DLP tells you what left. MoonGate decides whether it leaves — synchronously, in the moment, on the machine.
Every intercepted action is evaluated against three things at once. No single answer is trusted on its own.
Where is it from?
A protected Google Workspace tenant or Notion workspace? Which document, which label, which classification? Provenance follows content through copies, renames, and light edits — and unresolved metadata fails closed to restricted.
Is it protected?
Keyed HMAC-SHA-256 fingerprints — exact, partial, and rolling — plus file hashes and canaries match protected content, including lightly edited excerpts. Raw content is fingerprinted on the endpoint and never persisted or uploaded.
Where is it going?
A corporate tenant, an allowlisted SaaS app, a personal account, or an unknown external site? Destinations are reclassified by the agent against signed policy. A page cannot mark itself approved.
Three answers. One verdict. Before the byte moves.
ALLOW AUDIT WARN BLOCKCopy, paste, drop, upload, download, export, share, publish, print — each held at the boundary and decided. Expand a row to see how the verdict was earned.
Illustrative default-policy scenarios. Every real verdict carries its policy version, correlation ID, and match strength — so an investigation can replay exactly why the gate opened or closed. Files too large to inspect fail closed rather than bypassing evaluation. Native browser-menu print is detect-only today.
Cloud signals inform the policy — SaaS audit and EDR ingestion land on the integration roadmap. They never gate the decision; that happens on the endpoint, synchronously, even when the network is gone.
— context, not enforcement —
— enforcement: local, synchronous, fail-closed —
The gate holds. Policy is verified, cached, and enforced locally. Outages are observable and intentional — never a silent open door.
It shows. The toolbar badge is backed by native health checks, and any managed-policy change holds protected actions until every tab acknowledges the new configuration.
Enforcement that reads everything must be trusted with nothing. Raw content is evaluated on the endpoint and stays there.
Fingerprints are keyed HMACs, computed and kept on the endpoint. Even a match is reported as a decision — not as content. There is no central corpus of your documents to breach.
Six commitments, enforced in the architecture rather than the marketing.
An inline decision before an upload, paste, download, export, or share proceeds — not a report after.
Protected content stays identified by tenant, metadata, labels, hashes, and privacy-preserving fingerprints.
The managed browser is the most reliable first control point for Docs, Drive, and Notion content.
MoonGate integrates with your EDR, MDM, SIEM, and SaaS audit logs. It doesn’t pretend to be them.
Only the content identity needed for policy evaluation is retained — local caches and keyed fingerprints, never raw copies.
Cached policy and explicit operational modes make outages observable and intentional, not silently permissive.
Security products earn trust by being precise about their limits. These are ours.
Cameras and screenshots are a hard boundary. MoonGate can deter, watermark, and limit some capture paths — it cannot guarantee prevention against a phone pointed at a screen.
Browser enforcement covers the browser. Native sync clients, CLI and API exports, removable media, and desktop apps need endpoint and SaaS-layer controls, which is why MoonGate layers with them.
Scripted egress is a separate layer. Page code can move data through asynchronous clipboard and filesystem APIs, direct network requests, and service workers that bypass trusted DOM events; closing those paths takes managed-browser API controls and endpoint enforcement.
It is not a replacement for your EDR, MDM, CASB, or SIEM — and doesn’t hook or inject into them. It integrates through supported APIs.
SaaS UIs change. Drive and Notion interception must be re-validated against real UI builds as they evolve; we treat coverage as something to prove, not assume.
Precision about limits is a security feature. Everything else on this page is the enforcement model we build and test against — verified today on synthetic Drive and Notion fixtures, validated with design partners next.
MoonGate is pre-pilot. The enforcement foundation — managed extension, Rust endpoint agent, signed policy control plane — is built and verified against synthetic Drive and Notion fixtures, with a repeatable block-path demo.
We’re onboarding a small design-partner cohort: security teams on Google Workspace and Notion with managed macOS or Windows fleets, who want to shape inline DLP from the first policy onward.
No pricing theater, no fake logos. A conversation about your exfiltration paths and our roadmap.