Security checkpoint that reviews everything your team sends to an AI API preventing data leaks

CattleGrid is a British technology company that provides a security system to protect organisations using AI services like Anthropic’s Claude, OpenAI, Google's Gemini and more. Think of it as an invisible security checkpoint that reviews everything your team sends to an AI Provider before it ever leaves your control.

When employees use AI tools to assist with their work, they might accidentally include sensitive information—such as customer National Insurance numbers, credit card details, medical records, or confidential company secrets. CattleGrid detects this data and prevents it from being sent, keeping your organisation safe and compliant with data regulations.

What changes when CattleGrid is in front of your AI traffic

Without CattleGrid

An employee pastes customer data into an AI chat without thinking
Sensitive information leaves your network and goes to external servers
Your organisation may violate privacy laws (HIPAA, GDPR, PCI-DSS)
You have no record of what was sent or when
You only find out about the problem after damage is done

With CattleGrid

Every AI request is automatically scanned before it is sent to the AI platform
Sensitive information is detected and blocked instantly
The employee sees a clear message explaining what was blocked and why
Administrators receive immediate alerts about policy violations
Complete records are kept for compliance audits

At its core, from first principles, Cattlegrid serves as a critical control layer for organisations seeking to align with ISO 42001and GDPR legislation by providing the necessary oversight and risk mitigation for enterprise AI adoption. By implementing a Zero Trust, Zero Retention model—characterised by memory-only processing and outbound-only inspection—the platform ensures that sensitive data is restricted from ever exiting the organisation without oversight and supportsthe data minimisation and storage limitation principles championed by the ICO and required for ethical AI governance

EU AI Act Omnibus Agreement

What happened on 7 May 2026 The European Council and European Parliament reached provisional political agreement on the Digital Omnibus on AI — a legislative package designed to simplify and streamline how the EU AI Act is implemented. This is a real and material change to the timeline. It is not a rewrite of the Act’s core architecture. The risk-based framework — prohibited practices, high-risk systems, transparency obligations, governance requirements — remains entirely intact. The Omnibus requires formal adoption and publication in the Official Journal before it becomes binding law. On the basis of political agreement between both co-legislators, it…

You Don’t Have a Compliance Team. Here’s What That Means When Your Staff Use AI.

In enterprise technology there was a challenge with what was called “skunk works”. There’s the software companies use and buy, and then there’s the stuff people make and create to do their work Bits of orphan code that glue workflows together. Workaround installed years ago. Some with a corporate memory. Most without documentation . My First customer services team at Microsoft used a CRM the team built on Access and Crystal Reports. Ran the whole department for a couple of years. I came across a consultant once in a large teaching hospital, who proudly showed me the macro-ridden spreadsheet that…

WHOSE FLAG PROTECTS YOU?

A Series of 9 Posts Prepared 05-03-2026 Contents 1. Two Flags, One Problem — Why Neither Superpower Is Safe for European Data 2. The Warrant vs The Obligation — How Each Government Reaches Your Data 3. FISA Section 702 — The Surveillance Programme That Europe Cannot Ignore 4. China’s Seven Laws — The Cage That No Contract Can Open 5. The Adequacy Illusion — Why the Data Privacy Framework Doesn’t Solve the Problem 6. The Uncomfortable Similarities — What the US and China Actually Have in Common 7. Encryption — The One Technical Measure That Might Change the Equation 8.…

THE WISDOM OF FOOLISHNESS

Contents 1. Public-Key Cryptography — The “Fool’s Errand” That Secured the Internet 2. The Crypto Wars — When Encryption Was a Crime 3. Zero Trust — From “Neat But Impractical” to Presidential Executive Order 4. Full Disclosure — “Information Anarchy” That Saved Us All 5. Penetration Testing — “You Want to Pay Someone to Hack Us?” 6. Bug Bounties — Paying Strangers to Break Your Software 7. Multi-Factor Authentication — “Too Inconvenient” to Bother With 8. Open Source Security — “You’re Giving Attackers the Blueprint!” 9. The Pattern — Why the Establishment Always Gets It Wrong First Post 1: Public-Key…

The Current Security Landscape

• Average UK breach cost: £3.29 million (financial services: £5.74 million) • Shadow AI breaches cost an additional £498,000 • Internal threats (malicious/negligent/compromised) account for 30% of breaches • 63% of breached organisations lacked AI governance policies • Only 31% of UK organisations have governance policies for AI usage The attacks that succeed—phishing campaigns exploiting human behaviour, insider threats, shadow AI data leakage, supply chain compromise—occur in the 90% of the attack surface that basic technical controls cannot address. For organisations serious about security, the question is not whether to obtain Cyber Essentials (government procurement may require it), but whether…

We’re going to need a bigger boat

I say this by way of explanation. Its my job. Here at CattleGrid we’re building a toll that’s at the intersection of governance and technology, AI technology specifically. Fingers on the pulse. However at the moment that pulse is racing. The rate of change is astonishing. The usually staid commentary of the corporate world is buzzing with enthusiasm tempered with some measure of alarm; From a VP at Meta getting her inbox wiped by a rogue openclaw instruction through to the kill chains in the American attacks on Iran AI is the debate everyone’s having. And its the thing everyone’d…

Compatible with the providers your team already uses

Anthropic

OpenAI

Gemini

Mistral AI

Cohere

Azure AI