Net-new · not in wf1
Security · Egress control (shared with Engineering) also Engineering
Which agents may reach which destinations — and where the policy has holes.
Default Stance
Egress stance: default-allow
Warning: default-allow permits all outbound traffic that no rule explicitly blocks. Anything unseen is implicitly allowed.
Uncovered egress
11%
Outbound flows matched by no policy rule.
Egress Control Matrix
Approved LLMs
Unapproved LLMs
high risk
Tool APIs
watch
Internal
Unknown
high risk
claude-code-prod
●
✕
◐
●
✕
data-pipeline-agent
●
✕
●
●
◐
cursor-ide
●
✕
◐
·
✕
support-copilot
●
●gap
◐
●
◐
marketing-gpt
◐
●gap
●
·
●gap
Legend
● allowed✕ blocked◐ observe-only· none / no trafficgap allowed but should be blockedPolicy Rules
Deny all agents → Unapproved LLMs (except: none)enabled
Allow Data team → Anthropic (api.anthropic.com)enabled
Observe Tool APIs — log, do not blockenabled
Deny all agents → Unknown destinationsenabled
Require owner before egress (block unowned agents)disabled
Recently Blocked / Uncovered
AgentDestinationActionWhen
marketing-gptapi.openai.comUNMONITORED40m ago
support-copilotapi.together.aiBLOCKED1h ago
data-pipeline-agent198.51.100.24:443UNMONITORED3h ago
Under default-allow, unmonitored flows are permitted. Switching to default-deny would block the two UNMONITORED rows above until a rule covers them.