Fantomo keeps your company software secure, helps guide employee behavior, and discovers shadow IT apps in real time — without slowing down your computer systems or invading worker privacy.
Create clear guidelines for what websites your company uses. Block unsafe sites, redirect users to approved tools, and present guidance notices automatically.
The client-side matching engine runs inside the sandboxed extension process context, checking all navigation events in user space. It performs checks in less than 50 milliseconds using memory-mapped Bloom filters and FNV-1a hash tables, adding zero latency to page loads.
The control plane compiles rules and propagates updates via a compressed JSON endpoint. Exclusions can target specific directory groups or Organizational Units, meaning you can restrict access for the organization while allowing access for select development teams.
Install the software across all company computers instantly without bothering your employees. The installation happens silently in the background, and cannot be deactivated or removed by staff.
Deploy the client seamlessly across your endpoints by using standard enterprise policy templates. The browser reads force-install directives on start, pulling the package from web stores and disabling manual user toggle switches on the extensions management page.
Provisioning variables are injected directly into the browser's managed storage registry via plist configuration profiles on macOS or registry keys on Windows. This initializes the client silently, syncing the active browser profile with the management console.
Ensure sensitive organization files, customer credentials, and intellectual property don't get uploaded to unauthorized websites or public AI tools.
The content script executes client-side scanning inside the tab sandbox. It registers input, paste, and drag-and-drop listeners to evaluate text elements before payloads leave the browser, ensuring sensitive parameters do not reach third-party API endpoints.
The script runs pre-compiled regex matching strings locally against text input fields. Violation alerts render inside isolated Shadow DOM nodes to bypass target page CSS styles, and any user-submitted bypass comments are uploaded as signed JSON payloads.
Discover which software applications are trending inside your company. Spot security outliers or sudden adoptions of new tools so you can consolidate software costs.
The client monitors account registration pages by scanning DOM elements for login forms, signup fields, and identity provider handshakes. This captures new tool usage without decrypting network traffic or utilizing static server gateways.
Telemetry data is aggregated locally to compute usage metrics. The client strips full URL paths, search strings, and personal identifiers, sending only the destination domain and anonymized metrics to protect employee privacy.
Audit and remediate tenant security profiles for M365 and Google Workspace. Review status checklists, receive configuration drift alerts, and automate setup.
The platform performs daily compliance checks of your cloud tenants by querying the Google Admin Directory and Microsoft Graph APIs. It reviews critical configurations, flags unauthorized modifications, and issues configuration drift alerts.
Remediation scripts execute using temporary, short-lived OAuth tokens that expire after 15 minutes. The scanner automatically filters checks based on active licensing tiers, avoiding false alerts on premium controls that are not supported.
Every alert, detection, risky app, and pending approval across the platform lands in a single auto-refreshing view. Admins keep it open all day and work one prioritized queue instead of hopping between a dozen reports.
Security alerts, high-risk SaaS, new Shadow IT, and access requests merge into one severity-sorted, click-through queue.
The Command Center refreshes itself every 45 seconds — no reloads — and pauses politely when the tab is in the background.
A short sidebar of tabbed Workspaces — Threats & Alerts, SaaS Governance, Activity Logs — plus a grouped Settings area replaces a long, flat menu.
Every item links straight to the underlying report, so triage takes seconds without losing the big picture.
The extension already watches logins, tokens, pastes, downloads, and OAuth. Now it turns that into a threat feed you can act on, and sends it wherever your team works.
Phishing, ghost logins, credential reuse, and AiTM session risk land in a single triage view with status and severity.
See which accounts skip SSO or run without MFA, per app, drawn from real login events.
Every extension on every device, rated by permissions, install source, and a known-bad list.
Fire playbooks on a detection, block a domain in one click, and stream events to Splunk, Sentinel, or CrowdStrike Falcon Next-Gen SIEM.
Technical breakdown of policies, enforcement methods, and reporting options.
| Feature & Capability | Core Plan | Required Add-on / Tier |
|---|---|---|
|
Browser Rule Engine
Steer employees toward approved websites and SaaS tools. Block unauthorized pages and show guided policy messages.
|
Included | Standard |
|
Silent Deployment (Force-Push)
Centralized background installation via Microsoft Intune, Jamf Pro, or GPO. Runs as a locked browser policy so staff cannot remove or toggle it off.
|
Included | Standard |
|
SaaS Signup Detection
Automatically logs when staff members create accounts or sign in to unauthorized tools.
|
— | Shadow IT & SaaS Management ($99/mo) |
|
Slack Alerts & Webhooks
Send immediate alerts to Slack channels or external security systems when risky events or signups occur.
|
— | Shadow IT & SaaS Management ($99/mo) |
|
Data Loss Prevention (DLP)
Prevent data leaks by blocking employees from typing sensitive patterns (like credit card numbers or API keys) into generative AI or external sites.
|
— | Policy Auditor / DLP ($29/mo) |
|
Detailed Session Audit & Retention
Logs compliance histories and software usage with customizable audit retention logs (30 days to 4 years).
|
— | Full Browsing & Analytics ($119/mo) |
|
Tenant Security Compliance
Audit M365 and GWS configurations, trigger automated remediation using 15-minute temporary credentials, and receive alerts on configuration drift.
|
— | Tenant Security Compliance ($49/mo) |
|
Network Performance Diagnostics
Monitors page load latency and response times to diagnose remote employee connection and website performance issues.
|
— | Remote Network Telemetry ($59/mo) |