Trigger Your First Detection
A short, safe exercise: set a rule to Alert, paste a harmless test value into ChatGPT, watch Zeuslock act on it, and find the detection on the Incidents page. No real secrets are used.
This short exercise proves Zeuslock works end to end: you set a rule, paste a safe test value into an AI tool, watch Zeuslock act on it, and see the detection appear in your dashboard. No real secrets are used.
Prerequisites
- The Zeuslock browser extension installed and connected to your organization.
- An admin account on your Zeuslock dashboard.
- A logged-in ChatGPT (or other supported AI tool) session in the same browser.
The test value
AKIAIOSFODNN7EXAMPLEis the example AWS access key ID published in Amazon's own documentation. It is not a real credential and grants no access — but Zeuslock still detects it because it has the structure of a real AWS key.
Step by step
- Set a rule to Alert. Open the Rules page, find an easy data type to test — for example API key — and set it to
Alert. Save. Alert is the safe starting point: Zeuslock detects and warns (and prepares an anonymized version) without hard-blocking anyone. - Open your AI tool. Go to ChatGPT in a tab where the extension is active.
- Paste the test value. In a new chat, type
Here is my AWS key for the deploy script: AKIAIOSFODNN7EXAMPLEand send it. - Watch Zeuslock act. Because the rule is
Alert, Zeuslock shows a warning with an anonymized preview of your prompt — you can send the safe version or cancel. (If the rule were set toBlock, the send would be stopped instead.) - See the detection. Open the Incidents page, or select View all from the Dashboard's Recent incidents. Your detection appears at the top with its severity, the data type (for example
api_key), and a timestamp. - Open the incident to see its details, including a redacted preview — Zeuslock never stores the raw secret.
Try the stricter mode (Business / Enterprise)
Go back to Rules, switch the same data type to Block, save, and send the prompt again. This time the send is stopped before it leaves the browser, and a new incident is recorded as blocked. Block mode is available on the Business and Enterprise plans.
How the three modes compare
- Off — the data type is not detected at all.
- Alert — detected; the user is warned and offered an anonymized version, so you get visibility while they stay productive.
- Block — detected and stopped; nothing leaves the machine.
A good rollout starts everything at Alert to map your real exposure, then moves high-confidence types (AWS keys, credit cards, IBANs) to Block.
Next steps
- Invite your team on the Users page and assign roles.
- Create a custom rule on the Rules page (the
+ Addbutton) to catch identifiers that are unique to your company.