Browser Collectors

Register and deploy AIDR browser collectors to monitor AI activity in managed browsers.

Register browser collector

1. On the Collectors page, click + Collector.

2. Choose Browser as the collector type, then select a browser option and click Next.

3. On the Add a Collector screen:

   • Collector Name - Enter a descriptive name for the collector to appear in dashboards and reports.
   • Logging - Select whether to log incoming (prompt) data and model responses, or only metadata submitted to AIDR.
   • Policy (optional) - Assign a policy to apply to incoming data and model responses.

   The assigned policy determines which detections run on data sent to AIDR. Policies detect malicious activity, sensitive data exposure, topic violations, and other risks in AI traffic.

   • You can select an existing policy available for this collector type or create new policies on the

     Policies page.

     The selected policy name appears under the dropdown. Once the collector registration is saved, this label becomes a link to the corresponding policy page.

   • You can also select No Policy, Log Only. When no policy is assigned, AIDR records activity for visibility and analysis, but does not apply detection rules to the data.

note:

Browser collector output rules always run in Report Only Mode .

4. In the Sites section, configure how policy rules apply to each AI provider domain:

   • Use Policy - Detections trigger actions defined in the policy.
   • Monitor Only - Detections are logged, but not enforced.
   • Discovery - Collector logs site visits for visibility, but does not send content to AIDR.
   • Disabled - No policies are applied, and no activity is logged.

5. Click Save to complete collector registration.

This opens the collector details page, where you can:

• Update the collector name, its logging preference, and reassign the policy.
• Follow the policy link to view the policy details.
• Copy credentials to use in the deployed collector for authentication and authorization with AIDR APIs.
• View installation instructions for the collector type.
• View the collector's configuration activity logs.

If you need to return to the collector details page later, select your collector from the list on the Collectors page.

Deploy collector

The browser collector is a browser extension that detects AI activity in managed browsers and applies content policies to outbound requests to AI providers such as ChatGPT, Claude, and Gemini.

To deploy the extension, use the information on the collector's page in the AIDR console:

• Extension ID or URI - Copy from the Install tab.
• Collector credentials - Copy from the Config tab.

The Install tab provides download links, copyable templates, and instructions for common deployment methods:

• Self-Service - Install the extension and apply a configuration profile on a single machine to quickly try the collector.
• JAMF - Use a Mobile Device Management (MDM) solution to deploy the extension and profile across managed devices.
• Microsoft Intune - Use Microsoft Intune to deploy the extension and profile across managed devices.
• Chrome Enterprise - Deploy the Chrome collector at scale using Chrome Enterprise policies.

Chrome

The AIDR Chrome collector is a

Chrome extension in the Chrome Web Store.

Self-service (testing)

Select the Self-Service option to quickly evaluate the collector on your own device before deploying it at scale. This method installs the browser extension locally and applies a configuration profile with your collector credentials.

Install collector

1. Install the Chrome extension

   Use the Get AIDR Extension link in the Install tab to download and install the extension.

2. Download the configuration profile

   • macOS - download the .mobileconfig profile.
   • Windows - download the .reg policy file.

   This file includes the collector credentials to authenticate the extension with the AIDR service.

3. Apply the configuration

   • macOS - Double-click the downloaded profile, then activate it in System Settings > ... > Profiles.
   • Windows - Double-click the .reg file to merge it into the Registry and confirm the prompts.

   Restart your browser for the settings to take effect.

4. Verify detections

   Visit a supported AI provider (for example, chat.openai.com or claude.ai) and interact with the LLM.

   Depending on the collector policy, you may see blocked prompts or responses that don't make sense because sensitive values in your prompt were redacted before reaching the AI system.

   View the collector data on the Visibility and Findings pages in the AIDR console.

Troubleshoot using extension's DevTools

Use the extension’s DevTools to confirm that it is active and sending data to AIDR:

1. In your browser, open chrome://extensions.
2. Enable Developer mode.
3. Click Details for the AIDR extension.
4. Under Inspect views, click service_worker.
5. In the DevTools console for the background service worker, switch to the Network tab.
6. Interact with a supported AI provider and observe outbound requests to the AIDR APIs.

Chrome Enterprise

To deploy the AIDR browser collector at scale, use Chrome Enterprise Cloud Management . This approach enables centralized installation and configuration across all managed Chrome browsers in your organization.

1. In your Google Admin console, follow the Set up Chrome Enterprise Core instructions to activate your subscription.

2. In the Google Admin console, click the menu icon and navigate to Devices > Chrome browser > Apps & extensions and add the AIDR Chrome browser extension:

   1. Select or create an Organizational Unit (OU).

   2. Click the Users & browsers tab.

   3. Hover over the + icon and select Add from Chrome Web Store.

   4. Search for the AIDR extension using the Extension ID shown on the Install tab in your AIDR console.

   5. Add the extension to the selected OU.

3. Select the added extension. Under Policy for extensions, paste the Extension Policy JSON copied from the Install tab in your AIDR console.

   This policy configuration authenticates the extension with your AIDR environment and enables communication with AIDR APIs for telemetry and enforcement. When you use the Copy button, the JSON is populated automatically with the correct client secret from your collector registration.

4. Select an Installation policy.

   For example, choose Force install + pin to browser toolbar to automatically deploy the extension to all users in the OU and pin it for increased visibility and user awareness.

5. Save your changes.

Edge

The AIDR Edge collector is a Chrome extension in the Chrome Web Store.

Self-Service (testing)

Select the Self-Service option to quickly evaluate the collector on your own device before deploying it at scale. This method installs the browser extension locally and applies a configuration profile with your collector credentials.

Install collector

1. Install the Edge extension

   Use the Get AIDR Extension link in the Install tab to download and install the extension.

2. Download the configuration profile

   • macOS - download the .mobileconfig profile.
   • Windows - download the .reg policy file.

   This file includes the collector credentials to authenticate the extension with the AIDR service.

3. Apply the configuration

   • macOS - Double-click the downloaded profile, then activate it in System Settings > ... > Profiles.
   • Windows - Double-click the .reg file to merge it into the Registry and confirm the prompts.

   Restart your browser for the settings to take effect.

4. Verify detections

   Visit a supported AI provider (for example, chat.openai.com or claude.ai) and interact with the LLM.

   Depending on the collector policy, you may see blocked prompts or responses that don't make sense because sensitive values in your prompt were redacted before reaching the AI system.

   View the collector data on the Visibility and Findings pages in the AIDR console.

Troubleshoot using extension's DevTools

Use the extension’s DevTools to confirm that it is active and sending data to AIDR:

1. In your browser, open edge://extensions.
2. Enable Developer mode.
3. Click Details for the AIDR extension.
4. Under Inspect views, click service_worker.
5. In the DevTools console for the background service worker, switch to the Network tab.
6. Interact with a supported AI provider and observe outbound requests to the AIDR APIs.

Devices

The Devices tab displays browser instances that have enrolled with the AIDR browser collector. You can use this page to monitor device activity, manage device enrollment, and revoke tokens for specific devices.

Enable Auto-Enroll

When enabled, browser instances automatically enroll with the collector when users install the extension and configuration profile.

When disabled, new browser instances that attempt to authenticate with the collector require manual approval for enrollment.

Enable IP Allow List

You can restrict collector access to browsers connecting from specific IP addresses. When enabled, you can add or remove allowed IP addresses.

Device list

Click the menu (⋮) icon in a device row to disable the device, revoke its tokens, or delete it to remove its enrollment.

When auto-enrollment is disabled, devices register with Pending status and cannot send data to AIDR until you activate them using the Activate option in the device menu.

View collector data in AIDR

You can view the event data on the Findings page.

On the Visibility page, you can explore relationships between logged data attributes and view metrics in the AIDR dashboards.

Policy evaluation and detections

When a browser collector sends captured AI activity to AIDR, the rules defined in the assigned collector policy are evaluated. The resulting detections are logged in AIDR for visibility, investigation, and integration with other security workflows.

Input Rules

Input rules that block or redact sensitive data are enforced in the browser to prevent users from sending potentially harmful content to the AI provider.

Output Rules

Browser collectors cannot fully intercept and modify live responses. Because of this, the results of applying output rules are logged by AIDR, but not enforced on the content displayed in the browser. Users continue to see the unmodified response from the AI provider.

Browser collector output rules automatically run in Report Only Mode , which means redaction methods applied to outputs affect only logged content, not what users see.

Format Preserving Encryption (FPE) in browser collectors

Format Preserving Encryption (FPE) encrypts sensitive values while retaining their original format (length, character types, and delimiter positions), allowing AI systems to process data structure without accessing actual values. For example, a phone number like (555) 123-4567 might encrypt to (842) 967-3201, keeping the format recognizable while protecting the original number.

Browser collectors cannot unredact FPE-encrypted values that appear in AI provider responses.

When you apply FPE redaction in input rules:

1. Sensitive data is encrypted before it is submitted to the AI provider.
2. If the AI provider includes this encrypted value in its response, users see the encrypted version.
3. The browser extension cannot decrypt these values using the /aiguard/v1/unredact endpoint.

If a user submits SSN 234-56-7890, FPE encrypts it to a number in the SSN format, like 987-65-4321. When the AI responds with "Your SSN 987-65-4321 cannot be verified", the user sees the encrypted value and may not recognize it as their original data.

tip:

For browser collectors, consider using other redaction methods, like Replacement or Mask, for input rules if you want users to clearly recognize that values have been redacted (for example, <US_SSN> or ***-**-7890).

User experience

When prompts are blocked

When a user prompt is blocked by the collector, they see a banner message summarizing the detections made.

The banner includes:

• Detection types (for example, "Malicious Prompt was detected and blocked")
• Request ID that users can copy and provide to Support

For example:

Malicious Prompt was detected and blocked. Confidential and PII Entity was not detected.

Request ID: prq_b6m7di4yao3lc4q75j5lddx5y7licu5v ⧉

When data is transformed

When the data submitted to the AI provider has been transformed (redacted or defanged), the AI system receives the transformed values. If the system includes these values in its response, this is what the user will see.

Report Only Mode

If all policy rules are set to Report, or the policy is in Report Only Mode , the user experience is unaffected by the collector.

Report Only Mode is automatically applied to AI provider responses shown to the user, which means detections are logged in AIDR but not enforced on the content the user receives from the AI system.

Next steps

• Learn more about collector types and deployment options in the Collectors documentation.
• On the Policies page in the AIDR console, configure access and prompt rules to align detection and enforcement with your organization’s AI usage guidelines.
• View collected data on the Visibility and Findings pages in the AIDR console. Events are associated with applications, actors, providers, and other metadata, and may be visually linked using these attributes.

---

Was this article helpful?

Contact us