Why Northbeams

You cannot govern
the AI you cannot see.

Coding agents, desktop apps, CLI tools, and MCP servers call AI straight from the laptop. They never touch your proxy, so a gateway never sees them. Northbeams does. It maps every AI tool across four surfaces, ties each call to a person, and lets you approve it or shut it down.

See your shadow AI free Book a demo
Browser · Desktop · CLI · MCP · Network
The blind spot

A gateway only governs what you route through it.

That is the catch. The browser tab, the terminal, the desktop app, the MCP server: each one calls a model directly from the device. Nothing is routed, so nothing is logged. The paste of a customer list into a free chatbot never asks for permission, and your appliance never sees it leave.

The whole picture

Gateways see the ships you route. Lighthouses see the ships you don't.

Northbeams watches the surfaces AI actually runs on, from one light install on the laptop. No traffic to reroute, no appliance in the path.

  • Browser: the Chrome, Edge, and Firefox extension reads in-page prompts and pastes.
  • Desktop: the Mac and Windows app watches outbound AI connections and process names.
  • CLI: the same app sees Cursor, Claude Code, Aider, Cline, and Windsurf in the terminal.
  • MCP: the MCP Gateway sits in path between coding agents and their MCP servers, per tool.
  • Network: DNS-layer allow, block, or coach for every AI tool by risk.
Depth is the difference

Anyone can list the tools. We go deep on each one.

Detection that stops at a tool name is a spreadsheet. Northbeams inspects what each tool touches, ties it to a person, and gives you a control you can actually pull.

Deep inspection
On the device, the classifier reads each prompt and MCP argument and flags credentials, PII, source code, customer data, and contracts, each with a severity and an estimated exposure value.
Per-user attribution
Every event carries a user, a tool, a category, and a time. Not a mystery IP address. A name.
Real enforcement
One-click block, allow, or sandbox by tool, team, and model. Govern MCP calls per tool. Coach at the DNS layer. Close the Harbor when something goes wrong.
One light install
The browser extension plus the desktop app, pushed through Intune, Jamf, or Kandji. No proxy, no MITM cert, no network change. Your first sweep back within 24 hours.
27
active AI tools in a typical 50-person company
$670K
higher breach cost when shadow AI is involved (IBM, 2024)
24 hrs
from one install to your first full sweep
Enablement, not prohibition

The goal is more AI, not less.

A ban list does not remove shadow AI. It removes your view of it. Visibility lets you say yes on purpose: sanction the tools that help, coach the risky ones, and block the few that never belong.

  • Sanction tools team by team, model by model, with a record of who approved what.
  • Point people to Safe Berths, the approved tool for the job, instead of a dead end.
  • Read-only AI Spend and Savings shows where a cheaper model does the same work.
One console, end to end.
Map every tool, inspect what it touches, and act in one click. Reversible with Lift. That is the whole loop, on one screen. See the product.

See it. Approve it. Shut it down.

Start free. One install, your whole AI map back within 24 hours. No proxy, no network change to start.

See your shadow AI free Book a demo