Standard firewalls (SWGs) can only tell you an employee visited chatgpt.com. AiRysk captures the exact prompt, response, model version, and user identity without routing traffic through a vulnerable proxy.
Live Dashboard Replica: Discovered Application Volume
For HTTP/SSE providers like ChatGPT and Claude, the AiRysk extension attaches via the Chrome Developer Protocol (chrome.debugger) to capture the raw Network payload before encryption.
M365 Copilot requires advanced capture. AiRysk utilizes a targeted MAIN-world script injection to monkey-patch window.WebSocket, reassembling asynchronous conversation turns perfectly.
IPs don't equal people. AiRysk extracts the exact user email from the provider's /me endpoint pre-redaction (e.g., /backend-api/me for OpenAI) to guarantee non-repudiation.
Native messaging continuously sends telemetry to the local Windows Agent where it is spooled to disk, signed with HMAC-SHA256, and reliably forwarded to the EKS cloud. No data is dropped during outages.