Sonomos Desktop — System-Wide PII Protection (Coming Soon)

The Sonomos browser extension you can install today is a prototype / proof of concept. It exists to prove that local-first, zero-exfiltration PII protection is practical inside the everyday AI workflows used by healthcare, legal, financial, and HR teams.

Sonomos Desktop is the production-grade, system-wide successor — a native application that protects PII anywhere you work, not just inside the browser. This page is a preview of what’s coming.

Note

Sonomos Desktop is in active development. Specific features, names, and availability are subject to change as we incorporate feedback from prototype users. Want early access? Email info@sonomos.ai to join the beta list.

Why a desktop app?

The browser extension protects the most common AI surface — pasting into Claude, Gemini, Grok, and similar web apps — but real workflows leak PII through many other channels:

• Native desktop AI apps (Claude Desktop, ChatGPT Desktop, Copilot, Perplexity)
• Local LLMs (Ollama, LM Studio, llama.cpp, vLLM)
• IDE assistants (Cursor, Windsurf, GitHub Copilot Chat, Continue)
• Productivity tools (Slack, Notion AI, Microsoft 365 Copilot, Google Workspace)
• Clipboard, screenshots, and dragged-in files
• Voice transcription and meeting summarizers

A browser extension can’t see any of that. A native desktop app can.

What’s coming in Sonomos Desktop

System-wide PII protection

• Universal clipboard guard — every copy/paste is screened for PII before any application can read it. Mask, warn, or block based on the destination app.
• System-wide Send Guard — works in any text field in any app, not just the browser. Native AI assistants, Electron apps, Office documents, chat clients.
• Screenshot scanning — capture a screenshot and Sonomos detects PII in the image before it lands in your clipboard, file share, or AI prompt.
• File-drop scanning — drag a PDF, image, or document into an AI app and Sonomos scans it on the way through.

Coverage for native AI assistants

• Claude Desktop, ChatGPT Desktop, Copilot, Perplexity Desktop — Cloak-style masking integrated with each native client.
• IDE assistants — protection for Cursor, Windsurf, GitHub Copilot Chat, JetBrains AI Assistant, and Continue, including source files passed as context.
• Local LLMs — first-class support for Ollama, LM Studio, and llama.cpp. Useful for confirming that even “local” prompts don’t accidentally include PII you didn’t mean to keep in logs.

Stronger, faster on-device AI

• Larger on-device models — desktop hardware can run bigger, more accurate detection models than a browser tab.
• GPU / Apple Silicon acceleration — Metal, CUDA, and DirectML acceleration for near-instant scanning of long documents.
• Improved OCR — higher-fidelity image and document parsing for screenshots, scanned PDFs, and photos.
• Voice & transcript scanning — detect PII in meeting transcripts and voice notes before they’re shared with an AI summarizer.

Air-gapped and high-assurance modes

• Fully offline mode — no network calls of any kind, including license validation, for air-gapped or classified environments.
• Verifiable build provenance — signed binaries with SBOMs for security review.
• Hardware-backed key storage — integration with platform keychains (macOS Keychain, Windows DPAPI, Linux Secret Service) for Teams policy keys.

Enterprise & Teams features

• SSO / SCIM — Okta, Microsoft Entra ID, Google Workspace for sign-in and automated user provisioning.
• MDM-friendly deployment — Jamf, Intune, and Workspace ONE packages with managed configuration.
• Policy-as-code — define detection, masking, and Send Guard rules in a versioned policy file your security team can review and ship.
• Centralized audit log — tamper-evident, exportable detection and masking events for HIPAA, PCI-DSS, SOX, and GDPR documentation.
• DLP-style allow/deny lists — per-app and per-destination policies (e.g., allow PHI in your EHR, block it in any AI client).

Better operator experience

• Native notifications with quick actions — mask, allow once, allow for this app.
• Per-app sensitivity profiles — different rules for the EHR vs. a public chatbot.
• Detection history — searchable, local-only history of what was detected and where, with one-click “explain this match”.
• Lower battery and CPU impact — native code path uses far less power than a browser extension running an in-tab model.

Platforms at launch

We’re targeting:

Platform	Status
macOS	Primary launch target
Windows	Primary launch target
Linux	Best-effort, post-launch

The browser extension will continue to work alongside Sonomos Desktop so you don’t lose protection on Chromebooks, shared devices, or browsers on platforms where the desktop app isn’t yet available.

What stays the same

• Local-first — detection and masking continue to run on-device. No page content, prompts, screenshots, or detected PII are sent to Sonomos servers.
• The Dagger and Cloak names and concepts — the detection engine and masking engine carry over, with significantly upgraded models and platform coverage.
• HIPAA-aligned design — Sonomos remains a technical safeguard layered into your broader compliance program.

Migrating from the extension

When Sonomos Desktop ships:

• Your existing Sonomos account and subscription will work in both the extension and the desktop app.
• Settings (Cloak toggle, widget preferences, Send Guard mode) will sync where it makes sense.
• Teams policies created on the extension will carry over, with new desktop-only policies available to opt into.

Get notified

• Join the beta list — email info@sonomos.ai with subject line “Desktop beta”.
• Tell us what would unblock you — the prototype’s feedback form (popup → Send Feedback) feeds directly into the desktop roadmap. The native AI apps, IDEs, and local LLMs you mention are the ones we prioritize.
• Watch the changelog — desktop preview builds will be announced there first.