Block, flag, or allow. In real time.
Define what your agents can and cannot do, then enforce it fleet-wide with <10ms latency at the edge. No cloud round-trip required.
GET STARTEDAnti-Self-Harm Policy (E12)
The only security platform that defends against its own agents. A malicious file or tool call can inject prompts like 'disable Quint' and the agent believes it's legitimate. Quint's hardcoded anti-self-harm policy — default-on, non-overridable — detects and instantly blocks any agent action targeting Quint's own processes, config, or certificate authority.
- Blocks prompt injection attacks designed to disable the security layer itself
- Hardcoded safety-net that cannot be overridden by policy changes or admin config
- No traditional EDR faces social engineering attacks from the software it monitors
Edge-First Enforcement
The proxy daemon enforces policies locally on each machine. Block, flag, or allow instantly. Cloud-dependent competitors add 50-200ms; Quint adds virtually none.
- <10ms local enforcement latency
- No cloud round-trip required
Three Deployment Modes
Stdio Relay for code editors. Gateway for HTTP proxy. Watch mode for full dashboard visibility. All three enforce the same policies.
- 3 deployment modes for different environments
- Works with any agent platform — MCP, HTTP, or custom tool protocols
Policies Map to Regulations
Each rule maps to specific compliance framework requirements. Block bulk database reads? That's GDPR Art. 6(1)(a). Policies generate regulatory evidence automatically.
- Every enforcement action links to compliance articles
- 16 compliance frameworks covered natively
Fleet-Wide Consistency
Set a policy once, enforce it everywhere. Every machine running the daemon receives the same rules. Policy changes propagate fleet-wide without restart.
- Centralized policy management with edge distribution
- Changes take effect without daemon restart
Divergence-Aware Enforcement
Policies can trigger on divergence signals. When intent doesn't match truth, Quint can automatically escalate enforcement — even if the individual action would normally be allowed.
- Proxy captures what the agent asked to do; Endpoint Security captures what actually happened
- Divergence between intent and truth triggers automatic escalation
- A file_read that claims to target config.yaml but actually touches ~/.ssh/id_rsa gets caught
Human-in-the-Loop Approval
For medium-risk actions, Quint supports human-in-the-loop approval. The agent action is held pending until a security team member approves or denies in the dashboard.
- Configurable risk thresholds for when approval is required
- Agent execution pauses until verdict is received
- Full audit trail of who approved what and when
AI-Powered Policy Creation
Describe what you want in plain English and Claude Sonnet generates structured enforcement policies. Type: 'Block any agent from accessing SSH keys, AWS credentials, or .env files outside working hours.' Quint generates 6 enforcement rules with the right matchers, time windows, and verdicts — deployed fleet-wide in seconds.
- Natural language to structured policy in seconds
- Claude Sonnet generates matchers, conditions, and verdicts
- Review and edit before deploying — AI assists, you decide
Secure your agents.
Ship with confidence.
One install. Every agent. Deploy in under 2 minutes. Free for your first two machines.