GenAI Prompt Submit Detection and Prevention

GenAI Websites are an additional exit point from which data can be leaked unintentionally by users.

Proofpoint Browser Extension must be installed and enabled. (See Proofpoint Browser Extension.)

Supported Browsers

The following Windows Browsers are currently supported:

• Google Chrome
• Chromium-based browsers: Edge, Island, Brave, Opera

Supported GenAI Sites

• ChatGPT by OpenAI
• Gemini by Google
• Copilot by Microsoft
• Claude (by Antrophic)
• Perplexity
• character.ai
• AnonChatGPT
• Rytr
• YouChat

You must enable the Proofpoint Browser Extension from the Agent Realm. To enable, from the Administration application, select Endpoints > Agent Realms. In the Advanced Settings of the Agent Realm, in the Browser Extension area, turn on Enable Interaction with Agent. Select Detect Text Submit in Websites (GenAI) (for detection) and/or Prevent Text Submit in Websites (GenAI) for prevention.

You can:

• Detect and alert when text is submitted to supported Web-based Gen AI

• Prevent users from submitting text with blocking

• Trigger content scanning when text is submitted

When a text prompt is submitted, the text is captured with the following details:

• Primary Category is GenAI Prompt Submit.

• URL Domain is the currently browsed website.

• Resource URL is the target service extracted from the API.

Detection

To detect a text prompt from web-based GenAI tool:

From the Administration application, select Endpoints > Agent Realms. In the Advanced Settings of the Agent Realm, select Browser Extension > Browser Extension Triggers > Detect Text Submit in Websites (GenAI).

Detecting and Alerting on Text Submitted to Supported GenAI Tool

You can set up a detection rule that alerts when text is submitted.

From the Detection Rule screen do the following:

1. From the If area in the Settings tab, select Select Field from the Select dropdown.

2. From the fields on the right, select Activity > Primary Category / Category fields.

3. From Select Values list, select GenAI Prompt Submit.

   Add any other relevant fields you want, for example user name.

4. In the Then area, define the alert and notification policies you want.

Content Scanning for Text Submitted to Supported GenAI

When Proofpoint Browser Extension is installed and enabled, it can be used to detect and prevent text submitted to GenAI websites based on content scanning of the text prompt.

From the Agent Realm, turn on Enable Interaction with Agent. Select Detect Text Submit in Websites (GenAI) (for detection) and/or Prevent Text Submit in Websites (GenAI) for prevention.

Prevention

You can create rules to prevent exfiltration of text submitted to supported GenAI. Blocking and Prompt are supported.

The following conditions can be used in Prevention Rules on GenAI Prompt Submit:

• Indicator/Detector Name: (Detector > Indicator/Detector Name) Selected detector value.

• Users name: (User > User Name) Name of the monitored user

• Group Name: (User > Group Names) Group with monitored user

• Resource URL: (File/Resource > Resource URL) URL GenAI is submitted to

You can block/prompt to specific sites when you define a prevention rule. For example, your organization wants to limit which GenAI are permitted. In the example, users are blocked from GenAI submit for all sites except Copilot.

 

Creating a Rule to Block Text Submitted to Supported GenAI

1. From the Proofpoint Information and Cloud Security Platform, select the Administration app. Select Endpoints > Prevention/Endpoint . Rules.

2. Click New Rule and from the Prevention Rule area and click Create Rule and the Select Action to Perform panel displays.

   

3. For a prevention rule, select Prevention Rule.

4. In General tab, complete the Name field and Description (optional) field.

   

5. Click Next to continue to the Activity and Action tab.

6. In the Activity area, select GenAI Prompt Submit and in the Action area, select Block or Prompt the user to provide a justification. Click Next.

7. In the Settings tab, in the If section, the Category is set.

8. Click Add Row and select the filters you want.

9. In the Then area, select the action. Click Next.

10. From the Agent Policies, select the Agent Policies that the rule applies to. Click Save.