Arms Cyber has launched an AI Policy Enforcement tool for endpoint devices, aimed at giving security teams visibility into AI activity running on employee machines.
Delivered through the company's existing endpoint agent, the tool is designed to let security teams monitor AI tools, models and services and apply policy in real time. It covers both cloud-based AI tools and locally running models that may not be visible to network security systems.
The launch reflects growing concern among corporate security teams about the spread of artificial intelligence software across staff devices. As businesses adopt coding assistants, generative AI applications and open-source models, security leaders have faced a gap between approved cloud services and software running directly on laptops and desktops.
That gap has widened because many existing controls, including data loss prevention, cloud access security broker and endpoint detection and response tools, focus on network traffic or known endpoint threats. Locally running large language models can operate without creating the network signals those systems typically inspect.
Endpoint focus
Arms Cyber said its system identifies AI activity on the endpoint itself and links it to the files and directories being accessed. Security teams can then apply policy before sensitive information leaves the device.
The company highlighted AI assistants built into integrated development environments, which can expose source code, application programming interface keys and proprietary logic during normal software development work. It also pointed to open-weights models running locally on endpoints, which can bypass conventional network controls altogether.
Arms Cyber has framed the new product as an extension of its broader endpoint security architecture. The same telemetry used in its existing platform to detect ransomware, malicious payloads and living-off-the-land techniques is now being used to identify AI activity as it starts.
The company added that protected data remains hidden from unauthorised processes, including AI tools that attempt to access sensitive directories. Its backup and recovery functions also remain part of the same endpoint agent, combining data recovery and AI governance in one product layer.
Bob Kruse, Chief Executive Officer of Arms Cyber, described the issue as a basic visibility problem for security teams.
"You can't govern what you can't see," said Bob Kruse, Chief Executive Officer of Arms Cyber. "Until today, no endpoint security platform gave security teams a complete view of AI activity, particularly the locally running models that bypass network controls entirely. AI Policy Enforcement closes that gap using the same stealth-driven foundation that has made ransomware and other attacks irrelevant for our customers."
Rising pressure
Arms Cyber linked the launch to broader demands facing Chief Information Security Officers, security operations teams and governance, risk and compliance functions. Boards, regulators and insurers are asking for more concrete evidence of which AI tools are in use, what data those tools can access and how policy is enforced.
The company pointed to several sources of pressure, including the EU AI Act, guidance from the US Securities and Exchange Commission on material AI-related risk and sector rules such as those covering healthcare data. It also said cyber insurers are starting to include AI governance questions in renewal applications.
That pressure comes alongside changes in the threat landscape. Security vendors and corporate defenders have been tracking the use of AI in malware development, phishing, social engineering and code generation, while defenders have sought ways to stop sensitive company data from being exposed through AI systems.
For many organisations, the challenge is not limited to mainstream cloud AI tools. Developers, researchers and other staff can install or run models directly on devices, making it harder for central security teams to maintain an accurate inventory or enforce data-handling rules through conventional network-based systems.
By focusing on endpoint activity, Arms Cyber is entering a segment of the cybersecurity market that is becoming more crowded as vendors respond to customer concern over uncontrolled AI use. Security suppliers across endpoint protection, data security and governance software have been adding discovery, monitoring and policy controls aimed at so-called shadow AI.
Arms Cyber said its approach avoids the need for extra software deployment or replacement of existing security tools because the feature is delivered through the endpoint agent already used by customers. The objective, it said, is to provide a single layer for AI threats, data threats and insider-related risks from the endpoint itself.
"You can't govern what you can't see," said Kruse.