PreserveIP connects to your GitHub organization via webhooks. Every push event, pull request, fork, and code review is instantly queued, scanned by Claude AI for IP leakage signals, and surfaced to your security team — with actor attribution and resource links.
Every commit to every branch across your GitHub organization. File diffs, commit messages, and added file signatures are all scanned.
PR titles, descriptions, diff content, and linked issues are classified. External contributors and contractor accounts get extra scrutiny.
Fork events are flagged with actor context — especially powerful for detecting pre-departure exfiltration by employees with notice periods.
Code review comments and PR discussions can contain external links, credential snippets, or architecture disclosures — all monitored.
Repository releases and tag creation — especially to public repositories — are scanned for model artifacts and dataset attachments.
Private-to-public repository changes are instantly flagged as critical — the single most dangerous configuration change for IP exposure.
GitHub org Settings → Webhooks → Payload URL: your PreserveIP endpoint. Select push, PR, fork, and review events.
Generate a 32-character secret and enter it in both GitHub and PreserveIP. All payloads are HMAC-SHA256 verified.
Upload model fingerprints and dataset schemas through the PreserveIP dashboard. Detection activates immediately.
Events flow in real time. Your team sees severity, actor, AI reasoning, and a direct link to the GitHub resource within 30 seconds.
Setup takes 5 minutes. 90-day pilot available for design partners.