Generative AI DLP is data loss prevention that operates where generative AI actually happens: the prompt box and the file upload. Aona inspects every prompt and attachment at the browser and endpoint layer, then hard-blocks or redacts sensitive data in real time, before it leaves the device, across ChatGPT, Copilot, Gemini, Claude, and 5,600+ other tools.
The same pipeline runs whether an employee types a prompt or attaches a document. Enforcement happens before the data reaches the AI provider, not after.
Generative AI traffic is HTTPS encrypted, so network DLP reads nothing. Aona sits at the browser and endpoint layer and sees the prompt or file at the moment of submission, before it leaves the device.
The content is classified against sensitive data types: PII, financial records, source code, credentials, and confidential business data, at 97 to 99 percent detection accuracy. Custom classifiers cover data types unique to your organisation.
Your policy decides the outcome per tool, team, and data class: hard-block the submission, redact just the sensitive portion, or coach the employee in the moment and let the safe remainder through.
We are explicit about capability status. Prompt inspection and DOCX and Excel redaction are available today. PDF redaction is in active development.
Every prompt is inspected before submission. Sensitive content is hard-blocked or redacted inline, and the employee sees why, in the moment.
DOCX and XLSX files are redacted inline at upload with layout preserved: headings, tables, cell formats, and structure survive, so the safe copy stays usable.
Layout-preserving PDF redaction is in active development and not yet generally available. Until then, policy still applies: warn the employee or block the upload.
The same policy follows the employee across 5,600+ AI tools, sanctioned or shadow, so coverage never depends on a manually maintained blocklist.
Uploading files is the highest-bandwidth leak path. See how layout-preserving file redaction works.
When Aona redacts a Word or Excel file, it edits the document in place rather than flattening it or stripping its structure. The employee's AI workflow continues on a clean copy that still reads like the original, minus the sensitive content. The same principle applies to prompts: remove the account number, keep the question. Blocking everything just moves AI usage to personal devices where you have no visibility at all.
DLP that only says no trains employees to route around it. Aona pairs enforcement with coaching at the exact moment of a risky prompt.
When a prompt trips policy, the employee sees what was flagged and why, right there in the tool, and gets a safe way to continue. Over time this changes behaviour instead of just suppressing it, which is the difference between a control and a cat-and-mouse game.
Some tools and data classes should never mix: unvetted AI apps, regulated records, source code for crown-jewel systems. For those, Aona enforces hard-block guardrails that stop the submission outright, with an audit trail your compliance team can stand behind.
Reduction in shadow AI prompts in three months, from 446 to 28 per month, while overall AI usage kept growing.
A DLP vendor sees your most sensitive near-misses. Ours is a short, verifiable list of claims.
Independently attested controls
Security, availability, and confidentiality
Data residency built in
Australia, France, UK, Germany, US, Singapore, Hong Kong
Sensitive data detection
Across PII, financial, and source code
This page covers DLP for generative AI as a whole. Each major tool has its own deep dive, and the hub organises the full cluster.
The parent guide: what AI DLP is, how it differs from legacy DLP, and every page in the cluster.
How employees leak data through ChatGPT, and how Aona stops it in real time.
Govern what flows into Copilot across Microsoft 365 and the browser.
See and control how teams use Google Gemini, with real-time guardrails.
Inspect and redact regulated data before it reaches Claude and Anthropic models.
How to add the AI layer without ripping out the DLP you already run.
Start a 30-day free trial and enforce your first generative AI DLP policy in minutes, or book a demo to watch hard blocks, redaction, and the real-time coach on live prompts.