HISN حصن
← Back to Docs

How HISN Works

Overview

HISN is a transparent HTTPS proxy that sits between your employees' devices and AI services. It inspects every request before it leaves your network.

Traffic Flow

  • Employee opens ChatGPT (or Claude, Gemini, etc.)
  • Request passes through HISN proxy — the proxy decrypts, inspects, and re-encrypts the traffic
  • Detection engine scans the content for sensitive data:
- Credit card numbers, bank accounts (IBAN)

- National IDs, passport numbers

- API keys, tokens, private keys

- Person names, email addresses

- Confidential document markers

  • Policy engine decides what to do:
- Block: The request is stopped. The AI service never sees it. The user gets a clear error message.

- Warn: The request goes through, but the event is logged and flagged for review.

- Allow: Normal traffic passes through unmodified.

  • Event is logged in the dashboard with full details

What Gets Scanned

  • Messages sent to AI chat interfaces (ChatGPT, Claude, Gemini)
  • API calls to AI services (OpenAI API, Anthropic API, etc.)
  • File uploads to AI services

What Does NOT Get Scanned

  • Non-AI traffic (regular websites, email, etc.)
  • Responses from AI services (only outbound data is inspected)
  • Traffic to services not in the AI service list

Privacy

  • HISN runs entirely on your infrastructure
  • No data is sent to HISN servers
  • The proxy only inspects traffic to configured AI services
  • Logs are stored in your own database