How it works

Catches the leak before the request is sent

Watch Dog intercepts uploads at the browser layer and scans them on-device in milliseconds. Nothing is ever uploaded in order to scan it.

The interception pipeline

1

Detect the upload

A content script detects FormData uploads, and an injected script intercepts XHR and fetch at document_start — before the request is sent.

2

Read locally

The file content is read into memory on the device. Large files are chunked so scanning stays fast and memory-safe.

3

Scan in parallel

Scanners run locally and in parallel: regex patterns, file metadata, NLP, and optional on-device AI — all in milliseconds.

4

Warn, block & log

The result drives the action: warn the user or block per policy. A content-free audit event is recorded for admins.

chat.openai.com · Upload
Q3-client-report.pdf
2.4 MB · scanning locally…
Upload blocked by Watch Dog

Sensitive data detected before upload: 2 SSNs, 1 credit card, client PII. Nothing was sent.

Cancel uploadRedact & continue
Scanned 100% on-device · no file content left this browser

Fast, local, and complete

Large files are chunked and scanned in parallel, so even big documents are inspected in milliseconds. Because everything happens in the browser, there's no round-trip to a vendor cloud — no latency, no content leaving the device, and no gap between detection and prevention.

Ready to close the human-error gap in your DLP?

Book a demo to see the org dashboard, or add the free extension and try pre-upload interception yourself.