FROM MANAGED DEVICE TO ENGINE TO PROVIDER
1
Capture on the device. The agent watches an allowlist of AI destinations — browser AI like ChatGPT, Claude, and Gemini, plus desktop AI apps — and handles TLS for that governed slice only, under a certificate configuration your MDM controls.
2
Tunnel to the engine. Captured traffic travels over mTLS — authenticated by the MDM-provisioned device certificate — to the central Salus Engine in your environment. This works on the corporate network, at home, or roaming.
3
Engine does the heavy lifting. Detection, tokenization, vaulting, and policy run centrally; provider egress originates from your data center — PHONE_8f3a crosses the boundary, not the subscriber's number.
4
Restored stream back. The engine restores the provider's streamed response inline and returns it through the tunnel — the user sees a live answer with real values, in the same browser tab or app they started in.

Why an endpoint agent exists at all#

Server-side gateways can only protect traffic that is configured to reach them — which employee browser AI, by nature, is not. Salus Desktop closes exactly that gap: the shadow-AI surface of people using consumer AI interfaces on company laptops. And because capture happens on the device, it uniquely covers what network-side capture never sees — off-network, roaming, and split-tunnel devices, as long as the agent can reach the Salus ingress.

Deliberately thin#

The device holds no detection model, no vault, and no long-lived token mappings. Everything sensitive stays central: detection intelligence, the mapping, keys, and restore authority live in your data center, not on thousands of laptops. Centralizing egress also means provider calls originate from known, allowlistable data-center IPs, and provider keys never touch endpoints.

What IT and security teams should expect#

  • Deployment — packaged for MDM (Intune / Jamf); rollout is a standard managed-software push with a device certificate (SCEP/ACME).
  • Identity — the agent authenticates with the device certificate; user attribution comes from your MDM's device-to-user mapping. No interactive sign-in exists on this surface.
  • Scope — capture is limited to the governed AI destination allowlist; TLS handling is customer-controlled and applies to the AI slice only, with explicit bypass rules where policy allows.
  • Human review — the agent can present the review window before content is sent, so detected items are visible and correctable on the device.
  • Unmanaged devices — without the managed certificate configuration, governed AI destinations are blocked rather than silently unprotected — a posture most security teams consider a feature.

Not the Workspace desktop app#

The naming matters. Salus Desktop is this page: the Gateway's endpoint capture layer, invisible infrastructure on a managed device. The Workspace desktop app is a chat client people open on purpose — Salus's own AI application, described in Salus Workspace. Both run on the same engine; they are otherwise different products with different jobs.