APEXLyn Trace
Most organizations govern AI with policies nobody enforces. Trace is different. It watches every way AI gets used across your business, browsers, endpoints, APIs, cloud apps, internal models, applies your rules automatically, and records every action as forensic-grade evidence. And it works alongside your existing security tools, not instead of them.
Monitoring models and APIs in real-time.
Trace monitors AI use across browsers, endpoints, network gateways, API calls, cloud applications, and internal models. Whether someone pastes client data into ChatGPT or an automated pipeline calls an AI API, Trace sees it.
Block, warn, redact, educate, or audit, your policies apply across every enforcement layer. Most-restrictive-wins is a hard platform rule. A stronger block cannot be silently overridden by a weaker allow.
Every AI interaction that Trace governs is recorded as an immutable evidence record, cryptographically hashed, timestamped, and chained. Not a log entry. Forensic-grade proof that can be used in investigations, insurance claims, and legal proceedings.
Already using security platforms across your environment? APEXLyn integrates with what you already have and adds the evidence layer those tools do not provide. Your tools keep working. APEXLyn makes them provable.
Most AI governance tools rely on a single control point. Trace operates across seven enforcement layers so that AI use is governed no matter how it happens, through a browser, an app, an API, a developer pipeline, or an internal model.
The browser extension monitors AI interactions happening through web browsers, the most common way employees access AI tools. It provides entitlement-aware inspection, meaning the depth of inspection matches what the organization’s plan includes. For supported content, the extension parses locally where possible and routes larger files or images through the hosted gateway for deeper inspection. If the extension encounters a temporary failure, service worker restart, stale policy cache, browser storage issue, or classification service unavailability, it follows explicit failsafe behaviour rather than silently allowing uncontrolled AI use.
The endpoint agent monitors AI activity at the device level, covering applications, processes, and local AI tool usage that never touches the browser. The agent is available on plans that include endpoint protection and provides deeper visibility into how AI tools are used on managed devices, including file-level inspection and application-level monitoring.
The hosted network gateway provides a central inspection point for AI-bound traffic. Organizations on plans that include gateway protection route AI traffic through the gateway for classification, policy enforcement, and evidence recording. The gateway handles response inspection, image and file inspection where entitled, and provides consistent enforcement regardless of which browser or device the user is on.
The API interceptor governs AI use that never touches a browser — SDK-based AI calls, direct HTTP calls to AI endpoints, orchestration frameworks, CI/CD pipeline AI calls, agentic workflows, and machine-driven AI use. The interception path preserves a three-checkpoint model: data retrieval, pre-LLM prompt, and response. This means Trace can enforce policy and record evidence even for fully automated AI interactions that no human initiates through a user interface.
Cloud application connectors provide SaaS-native visibility into AI-related activity within platforms like Microsoft 365 and Google Workspace. These connectors use proper authentication and consent, monitor webhook health, implement retry and resync behaviour, and comply with provider rate limits. For every connector, Trace tracks: connected state, authentication validity, webhook health, event delay, throttled state, re-authentication requirement, and last successful sync.
AI output DLP governs what AI models produce, not just what users send to them. This covers model-generated sensitive data, regurgitated internal content, model-produced regulated data, and prompt-injection effects visible in outputs. Output classification creates separate output-specific evidence and preserves visible input/output linkage, meaning an investigator can trace what went in, what came out, and whether the output contained sensitive material that the input did not.
Internal LLM API protection governs AI endpoints that live inside your organization, private AI services, self-hosted models, and internal model traffic that never leaves your network. The policy engine supports different policy postures for: public external AI (e.g., ChatGPT), approved external AI (e.g., enterprise Azure OpenAI), internal private AI (e.g., self-hosted models), and high-assurance private AI (e.g., air-gapped or classified environments). This means your policies can be strict for public AI and permissive for approved internal AI, or vice versa, based on your organization’s risk profile.
Trace is not a replacement for your SASE, your endpoint management, or your SIEM. It is the AI-specific governance and evidence layer that your existing stack does not have. Trace integrates with your current tools and adds what they are missing, AI visibility, AI policy enforcement, and forensic-grade AI evidence.
Bidirectional where supported
Trace sends AI-specific findings, events, and severity classifications directly to your SIEM and XDR. Where supported, data flows both ways — risk-score synchronisation with CrowdStrike Falcon and Microsoft Defender XDR, analytics-rule feedback from Microsoft Sentinel.
Supported Platforms
Microsoft Sentinel · Splunk · IBM QRadar · LogRhythm · Datadog · Elastic · Sumo Logic · Exabeam · Rapid7 InsightIDR · CrowdStrike Falcon · Microsoft Defender XDR · SentinelOne
Via ICAP v1.0
Enterprise customers running Zscaler, Netskope, Prisma, or equivalent SASE platforms can route AI-relevant traffic to Trace through ICAP for AI-specific inspection and policy enforcement. Trace acts as the AI decisioning layer within your existing traffic-control infrastructure.
Supported Platforms
ICAP v1.0 (port 1344, REQMOD + RESPMOD) · Compatible with Zscaler, Netskope, and Prisma enterprise paths
Automated incident and alert routing
When Trace detects a policy violation or a high-severity AI event, it can automatically create incidents in your ITSM, trigger alerts in your collaboration tools, and feed findings into your GRC platform.
Supported Platforms
ServiceNow · Jira · PagerDuty · Slack · Microsoft Teams · ServiceNow GRC
Trace also supports generic HMAC-SHA256 signed webhooks for any destination not covered by the native integration catalog.
Trace does not rely on simple keyword matching. It uses a staged classification pipeline that applies multiple inspection methods in sequence, from fast deterministic checks to deeper semantic analysis, before making a policy decision.
Content normalisation and format detection before inspection begins.
Fast pattern-based checks for known sensitive data types, tax file numbers, credit cards, health identifiers, account numbers.
Deeper content analysis to identify sensitive information that does not match simple patterns, legal privilege, medical records, financial advice, personally identifiable context.
Detection of prompt injection attempts where an input tries to manipulate the AI model into bypassing controls or revealing protected information.
Enrichment from connected sources, who is the user, what department, what device, what is the destination AI tool, what tier is the destination classified as.
Extraction and classification of content within uploaded files and images, where the organization’s plan includes file and image inspection.
Inspection of what the AI model produces, not just what was sent to it. Detects sensitive data in responses, regurgitated internal content, and prompt-injection effects.
All classification results are packaged into an action envelope and resolved against the organization’s policy rules. The most-restrictive-wins rule applies.
Trace policies are not documents that sit in a folder. They are versioned, enforced rules that apply automatically across every enforcement layer. When a policy changes, a new version is created, approval is recorded, the compiled ruleset is distributed to all control layers, and the old version is preserved for historical reference.
The policy engine evaluates AI interactions against multiple condition dimensions simultaneously: data classification result, destination tier (public AI, approved AI, internal AI, high-assurance AI), specific destination tool, user group, tenant type, device posture, deployment mode, time conditions, connector context, whether the interaction is input or response, and whether the user or device is managed or unmanaged.
Available actions are: allow, allow with audit, warn, redact, educate, and block. Each action defines user-facing behaviour, evidence behaviour, severity behaviour, and escalation behaviour.
Most-restrictive-wins is a hard platform rule. If multiple policy rules apply to an interaction, the most restrictive action takes precedence. Block overrides warn. Warn overrides allow. Redact overrides allow where redaction is the safer path. An approval-based allow cannot silently defeat a stronger hard-block rule unless an explicit override class exists and is fully audited.
Policy templates are available for common industry configurations — healthcare, legal, financial services, government — so organizations do not need to build policies from scratch.
Most-restrictive-wins architecture
When something happens, Trace does not just alert you. It gives you the tools to investigate, build a case, verify the evidence chain, and prepare export bundles for legal, compliance, or insurance review, all within the platform.
Search and filter across all AI events by time, user, severity, data classification, destination, policy, action taken, and device. Move from one event to related events to build the full picture.
Trace connected events across input and output, across sessions, and across related interactions. Understand not just what happened, but the chain of events that led to it.
Create formal investigation cases with linked events, case notes, ownership, severity, and auditable status progression. Cases move through defined stages: open, in review, escalated, hold applied, export preparing, and closed.
Verify the integrity of the evidence chain for any event or set of events. Confirm that no evidence has been altered since collection. Verification results are themselves recorded.
Prepare controlled export bundles scoped to specific cases, time ranges, or event selections. Exports are tied to formal export request records, expiry-controlled, and audit-visible. No uncontrolled bulk exports.
When legal proceedings, regulatory investigations, or insurance claims require AI-related evidence, Trace provides formal legal hold and structured evidence export capabilities. Held evidence cannot be deleted or purged, regardless of retention schedules or account status. When the matter is resolved, hold release requires explicit approval and the release itself is recorded.
Trace supports three types of legal hold: case hold (preserving evidence linked to a specific investigation case), tenant hold (preserving all evidence for an entire tenant), and external hold (preserving evidence in response to an external legal or regulatory request).
Every hold includes a matter name, matter reference, reason, scope definition, creation record, approval record, and review date. Creating a hold requires an authorised role. Releasing a hold requires explicit approval from an authorised role, a release reason, and generates a permanent audit event. An MSP cannot unilaterally release a client tenant's hold.
While a legal hold is active: retention expiry does not purge in-scope data, deletion requests do not purge in-scope data, backups and restore logic respect the hold scope, and export rights follow the standard authorisation model.
For legal proceedings, Trace generates structured eDiscovery packages containing: evidence manifest, scope definition, event records, case records where applicable, verification results, hash manifest, chain-of-custody records, and a human-readable PDF companion. The package is structured for legal review, not as a loose file dump.
For forensic evidence needs, Trace generates evidence packs with: platform digital signature, chain-of-custody attestation, investigator signature field, verified entry hashes, and evidence scope statement.
Case hold
Preserves evidence linked to a specific investigation.
Tenant hold
Preserves all evidence for an entire organization.
External hold
Preserves evidence for external legal or regulatory proceedings.
Hold overrides deletion. Always.
Shadow AI Discovery
Shadow AI is AI tool usage that happens without organizational knowledge or approval. Employees trying new AI tools. Teams adopting AI assistants without IT involvement. Developers using AI APIs in side projects.
Trace discovers and surfaces this usage so your organization can make informed decisions about what to allow, what to govern, and what to block. Together, shadow AI discovery and internal AI inventory give you a complete picture of AI activity across your organization.
Trace uses a sovereign AI architecture. The platform's internal AI capabilities — classification, forensic search assistance, compliance narrative generation, run within a restricted boundary. The sovereign AI is used only for narrow, approved APEXLyn functions. It is never exposed as a free-form assistant, never creates a general chat surface, and never routes your organization's content to external public AI APIs in the data path.
All evidence, reports, audit logs, and governance records are hosted in AWS Sydney. No cross-region replication. No offshore processing. Encryption at rest uses AES-256. Encryption in transit uses TLS 1.3. This is enforced at the infrastructure level.
Start with the browser extension on Trace Standard. See where AI is being used, apply basic policies, and start building your evidence trail. No enterprise infrastructure required. No endpoint agent needed. Just install and start governing.
Add the hosted gateway, endpoint agent, deeper classification, forensic workspace, and API interceptor on Trace Professional or Enterprise. Connect to your existing SIEM, XDR, and ITSM. Apply granular policies by department, user group, and destination tier.
Trace Sovereign provides isolated deployment, customer-managed encryption keys, and the strongest evidence assurance. Full integration with existing government-approved security infrastructure via ICAP. Government-grade AI governance with forensic evidence that meets the highest standards.
Start where your organization is today. Scale as your AI governance requirements grow.
From A$499/month
Browser extension enforcement, AI interaction monitoring, semantic analysis, and policy response actions.
See full pricing →From A$2,499/month
Hosted gateway enforcement, response inspection, image/file inspection, and integration with SIEM workflows.
See full pricing →From A$8,500/month
Endpoint agent, forensic workspace, legal hold capability, and advanced export bundles for serious governance.
See full pricing →Contact sales
Customer-managed keys, isolated deployment, and the highest evidence assurance for government institutions.
See full pricing →Whether employees use AI in browsers, APIs with sensitive data, or internal models processing regulated information , Trace gives you visibility, control, and proof.
