Early Access · Available Now

See every AI tool.
Stop data leaks.
Prove compliance.

Lapwing detects every AI tool employees use, stops sensitive data reaching unapproved services, and gives IT and security teams the evidence they need for audits — all in one platform.

Spur admin portal dashboard showing risk posture, open alerts, and AI tool activity
The Problem

Your team is already using AI.
You just don't know it.

Shadow AI is everywhere

Employees use ChatGPT, Claude, Copilot, Gemini, Perplexity and dozens more — on personal accounts, without IT knowing.

Sensitive data leaving every day

PII, financial data, credentials, and source code pasted into consumer AI tools — with no visibility and no controls.

No audit trail, no compliance

GDPR, SOC 2, and client contracts require evidence of AI governance. Spur gives you the audit log and compliance reports to prove it.

How Spur Works

Up and running in under an hour

1

Deploy

Roll out the browser extension via Chrome policy and the endpoint agent from the Deployment guide. Enrol devices with a shared org code — no per-user signup.

2

Detect & protect

Spur detects AI usage across browser and desktop, runs on-device DLP, and enforces policies — block, redact, warn, or log sensitive submissions.

3

Investigate & report

Triage open alerts in the queue, explore the Forensics graph, and export executive reports or audit logs for boards and auditors.

Forensics
User · device · AI activity graph
Alert queue
FIFO triage for open incidents
Executive reports
Board-ready compliance snapshots
Connections
SIEM · Sentinel · Entra · M365
Features

Powerful enough for security teams.
Simple enough for everyone.

Visibility · Dashboard & AI Tools

See every AI tool in use

The Chrome extension and endpoint agent detect AI usage in the browser and on the desktop — ChatGPT, Claude, Copilot, Cursor, Ollama, and dozens more. The dashboard shows risk posture, coverage, violations, and which tools are approved vs shadow AI.

  • Dashboard KPIs — open alerts, violations, tool usage, coverage
  • AI Tools registry with risk scores and approval status
  • Consumer vs business account detection
  • Users page — devices, enrolment, and removal
Spur dashboard with risk posture and AI tool activity
Dashboard
Forensics

Investigate who connected to what

The Forensics activity graph maps users, enrolled devices, and AI destinations — similar to an EDR network map. Filter by time range, search nodes, and export the graph for incident reviews.

  • Interactive user · tool · destination graph
  • Time-window controls and edge filtering
  • Export to SVG, PNG, or CSV
  • Drill-down from any node
Spur Forensics activity graph
Forensics
Protection · Violations & DLP

On-device DLP — stop sensitive data at source

Classify pasted and submitted content on-device — PII, financial data, credentials, source code, and custom patterns. Enforce block, redact, warn, or log actions per policy tier without sending prompt content to the cloud.

  • Violations page — policy breaches and DLP events
  • Vulnerabilities — OWASP LLM findings and dispositions
  • UK/EU industry patterns and confidence scoring
  • Document scan for PDF and Word uploads
Spur alert queue for open incidents
Alerts · Queue
Governance · Policies & Reports

Policies, alert triage, and executive reports

Configure allowlists, data rules, and custom patterns in Policies. Triage open alerts FIFO in the alert queue. Generate board-ready executive reports mapped to ISO 27001, SOC 2, NIST, and Cyber Essentials.

  • Alert queue — unresolved alerts, oldest first
  • Executive report with compliance framework scores
  • Audit log export for GDPR and SOC 2 evidence
  • Group-based policy targeting via Entra ID
Spur executive report with compliance posture
Reports
Connections · Integrations

Wire Spur into your security stack

The Connections page configures SIEM forwarding, Microsoft Sentinel, Entra ID sync, M365/Copilot SaaS ingestion, Claude Enterprise audit, and SOC case webhooks — without leaving the portal.

  • SIEM — Splunk HEC, Elastic, generic JSON/CEF
  • Microsoft Sentinel native Log Analytics
  • Entra ID users, groups, and memberships
  • M365 / Claude sanctioned SaaS sync
Spur Connections integrations page
Connections
Pricing

Simple pricing, no surprises

Spur is in early access. Join the list to get release updates and pilot availability.

Spur
Free
Early access · Join the release list
  • Browser extension (Chrome, Edge & Firefox)
  • macOS & Windows endpoint agents
  • Dashboard, Forensics graph & alert queue
  • On-device DLP & policy controls
  • Executive reports & audit log export
  • Connections — SIEM, Sentinel, Entra, M365

See every AI tool. Stop data leaks.
Prove compliance.

Spur ships visibility, data protection, and policy control. Join the release list to get notified as pilots expand.

SPUR

The AI visibility platform
for growing teams

Spur detects every AI tool employees use, runs on-device DLP to stop sensitive data reaching unapproved services, and gives IT and security teams full policy control and audit reporting.

Platform

Everything in the Spur portal today

Dashboard & AI Tools

Risk posture, open alerts, violations, tool registry, and endpoint coverage — one view for IT and security.

Forensics

Interactive activity graph mapping users, devices, and AI destinations. Filter by time, search nodes, export SVG or CSV.

Alerts · Queue

FIFO triage for open incidents — violations, new tools, DLP events. Resolve, assign, and drill into detail.

Violations & DLP

On-device classification for PII, credentials, source code, and custom patterns. Block, redact, warn, or log per policy.

Reports & Audit Log

Board-ready executive reports mapped to ISO 27001, SOC 2, NIST, and Cyber Essentials. Full audit log export.

Connections

SIEM forwarding, Microsoft Sentinel, Entra ID sync, M365/Copilot ingestion, Claude Enterprise audit, and MSP webhooks.

Portal preview

See it in action

Spur Forensics activity graph
Forensics
Spur alert queue
Alerts · Queue
Spur executive report
Reports
Spur Connections integrations
Connections

Stay informed on Spur release

Join the release list to get notified when new pilots open.

About

Why we built
Lapwing

Organisations are adopting AI tools faster than security teams can respond. Lapwing gives IT and security teams the visibility, protection, and control they need — without enterprise complexity or enterprise pricing.

The Story

Shadow AI is the new shadow IT

A decade ago, employees started using Dropbox, Slack, and Google Docs without IT approval. Security teams scrambled to catch up. The same pattern is repeating — only this time the stakes are higher.

Growing companies face the same compliance obligations as a Fortune 500 firm, but without the security team, the budget, or the enterprise tooling to match. That's the gap Lapwing was built to fill.

Simple to deploy. Clear to understand. Immediately actionable.

Our name

The lapwing is a British bird known for one thing above all others: it will aggressively dive on anything that threatens its territory. It sees what others miss and acts before harm is done. That's the instinct we've built into our product.

Who it’s for

Teams that need AI governance without enterprise complexity — visibility, data protection, policy controls, and audit-ready reporting.

Values

What we stand for

Visibility first

You can't protect what you can't see. We give IT teams the full picture before asking them to act on it.

Privacy by design

We never store prompt content by default. DLP runs on-device; the portal sees metadata and policy events, not what employees typed. We protect your data the same way we help you protect your customers'.

Built for humans

No jargon. No 40-page manuals. If a non-security IT manager can't understand it in five minutes, we haven't done our job.

Get involved

Help build Spur

We're building Spur in the open with a small core team. If you're a developer who cares about security, privacy, and practical tooling, we'd love to hear from you.

Useful skills include TypeScript, browser extensions (MV3), macOS endpoint work, API design, and security-minded product engineering. You don't need enterprise security experience — curiosity and good judgment matter more.

What you might work on

  • Chrome/Edge extension — detection, DLP, policy enforcement
  • macOS endpoint agent — process detection and enforcement
  • Control plane API and admin portal (React)
  • Forensics graph, alert queue, and executive reports
Support Lapwing

Donate

Lapwing is an independent UK company building security tooling without enterprise budgets. Donations help us keep development moving while Spur is in early access.

Thank you for supporting independent security software.

Want to know more?

Join the release list for product updates, or get in touch if you want to help build Spur.

Stay informed

Get Spur release updates

Leave your details and we’ll email you when Spur opens wider availability, plus major product updates. No spam.

Stay informed

We’ll only email product updates and release availability.

What you’ll get

Release timing

A short email when Spur opens wider availability.

Major product updates

New tool coverage, policy controls, and deployment improvements.

Privacy-first

Spur is designed to avoid collecting prompt content by default.

UK-based

Lapwing Ltd · lapwingdefence.com · Registered in England & Wales

Pricing

Simple, transparent pricing

Spur is not generally available yet. Join the release list for updates when wider access opens.

Spur
Free
Early access · Join the release list
  • Browser extension (Chrome, Edge & Firefox)
  • macOS & Windows endpoint agents
  • Dashboard, Forensics graph & alert queue
  • On-device DLP & policy controls
  • Executive reports & audit log export
  • Connections — SIEM, Sentinel, Entra, M365
FAQ

Common questions

Is Spur available today?

Not yet for general availability. Join the release list and we’ll email you when Spur opens wider access.

How is Spur deployed?

The Chrome extension is deployed via enterprise policy or sideloaded. The endpoint agent installs via a package on Mac or Windows. Employees enrol using a shared org code — no individual sign-up required.

Do you read or store our prompts?

No. Spur detects AI tool usage at the metadata level — which tools, which users, when, and how much data was sent. We never read or store the content of prompts or documents.

Which platforms does the agent support?

The Spur agent runs on Mac, Windows, and Linux. The browser extension supports Chrome and Edge. Both can be deployed together for complete coverage.

Does blocking actually work?

Yes. The Chrome extension blocks disabled tools via browser network rules. The Mac endpoint agent quits blocked desktop apps and closes Safari tabs to blocked domains. This is real enforcement, not just logging.

What’s next?

We’re expanding deployment options and platform coverage. Join the release list to get notified when new capabilities ship.

Get notified when Spur launches.

Join the release list for product updates and availability announcements.