Your Data.
Your Rules.

PortEden sits between AI and your business tools as a data firewall. Every tool call AI makes (to read an email, search your calendar, list files) passes through PortEden's rules first. You decide what AI can see, what it can do, which contacts or projects are off-limits, and which actions are draft-only or read-only. Sensitive data is redacted before it reaches the AI, and every request is logged.

PortEden masks sensitive content in tool responses: SSNs, credit cards, passport numbers, API keys, and other secrets in emails, documents, and task comments. On top of that you can hide specific contacts, redact subject lines, strip attachments, or block projects matching a label. PortEden does not see your prompts to the AI or the AI's responses back to you. It inspects the tool calls in between, not your conversations.

Every connection has a one-click revoke. The token is invalidated immediately and any AI session using it stops working on the next request. You can also pause an entire integration, dial scope down to read-only, or roll back to a previous policy version. The audit log shows every tool call AI made before you cut access, so you can see exactly what was read or written.

PortEden works with Claude, ChatGPT, Microsoft Copilot, Google Gemini, Grok, and any client that speaks the open MCP and CLIs. The same access rules apply regardless of which AI is on the other side.

Email (Gmail, Outlook, Exchange), calendars (Google, Outlook), files (Google Drive, Docs, Sheets), team chat (Slack, Microsoft Teams), project tools (Jira, Linear, Asana, Monday, Notion, Confluence), and many other business tools. The same rule engine runs across all of them, so a policy you write for email applies the same way to your task tracker.

Built-in connectors are all-or-nothing. Grant Claude your inbox and Claude sees your inbox. PortEden adds a control layer in between: granular rules per user, per AI, and per project, plus an audit trail and a kill switch. If your security team needs to know what AI accessed last Tuesday they can, and if a contractor leaves, you revoke their AI's access without touching the underlying Google or Microsoft account.

Yes. Account-wide policies set the ceiling (block specific domains, disable services, cap visibility), and every user's tokens inherit them automatically. Policy Groups let you layer different profiles on top, so legal can see one rule set while engineering sees another. New tokens pick up the right policy on creation.

There's a free tier with the core firewall. Paid tiers add organization policies, higher rate limits, more functionality and longer audit retention. See the pricing page for current details.