AI builds the apps. IT holds the keys.
Your employees are about to build their own AI apps and automations — with or without you. Personal is the desktop platform where that happens safely: described by the employee, built by AI, and installed only after review, permission grants, and a signed manifest. Every action lands in an append-only audit log.
Design partner program — five seats for Q3 2026. No agents in your cloud, no code leaving the device.
Shadow IT taught you this lesson once. Now the software writes itself.
Unmanaged SaaS took a decade to become every security team's problem. Employee-built AI apps will do it in a fraction of the time — copilots that script, agents that act, tools built in an afternoon by people who have never heard of your SDLC.
You can't govern what you can't see
Custom GPTs, local agents, AI-wired automations — built on endpoints and in personal accounts, invisible to every asset inventory you own.
Every app gets everything
An employee-built agent runs with the employee's full access — files, credentials, internal APIs. There is no scoping layer, because nobody built one.
Nobody can say what happened
When an AI-built automation moves data somewhere it shouldn't, there is no log to read, no version to roll back, no owner to call.
Blocking it won't work — the pull is too strong, and your best people are the first movers. The only durable answer is a sanctioned place for it to happen.
From "I need a tool" to a governed install — in one sitting.
The employee asks
"I need a tracker for vendor renewals with an export for finance." Plain language, in the Personal desktop app.
actor: employeeAI generates a candidate
A local AI engine builds the app as a declarative, validated artifact — typed collections, forms, and actions. Not freeform code with your credentials.
actor: platformNothing installs unreviewed
Manifest diff, generated checks, and every permission grant surfaced for explicit approval — by the employee, or routed by policy to IT.
actor: employee / IT policyScoped, logged, revocable
The app runs in a sandboxed runtime. Out-of-scope requests fail closed. Every action is audited. Versions roll back. Keys revoke.
actor: runtimeControls that exist in the architecture, not in a policy PDF.
Personal wasn't retrofitted with an admin panel. The permission boundary, the review gate, and the audit log are the platform — apps cannot exist outside them.
Explicit permission grants
Every capability an app touches — storage, HTTP origins, connectors, files — is a named grant, approved per app and revocable at any time.
Install review gate
Manifest diffs, permission changes, and generated checks must be explicitly approved before an app or an update can run. Duplicate or tampered packages are rejected by hash.
Append-only audit log
Installs, grants, denials, actions, failures — every event is recorded and cannot be rewritten. Answers "what happened?" in minutes, not forensics engagements.
Fail-closed by default
An app requesting a capability it wasn't granted doesn't degrade gracefully — it stops. Out-of-scope requests die before any side effect, not after.
Local-first data
Apps and their data live on the device. Nothing routes through our cloud. External calls happen only through scoped grants your policy allows.
Versioned & revocable
Every app version is content-hashed and kept. Roll back an app, disable it org-wide, or unwind a bad update — without touching the endpoint by hand.
"Describe the tool you need. Have it after lunch. IT already approved it."
Governance that only says no gets routed around. Personal works because employees get real value on day one — the small, specific tools every team wishes existed but no backlog will ever fund.
Built by an operator who has spent twenty years on your side of the table.
Personal is built by Akbar Ahmed, founder of Sentrix.ai — an engineering executive from three security companies that CISOs know, including one he helped take public.
The straight answers.
Does any of our data or code leave the device?
No. Apps, their data, and the audit log live locally. The AI build step runs through a locally managed engine, and network access exists only where a scoped, named grant allows a specific origin. There is no Sentrix cloud in the data path.
What stops an AI-built app from doing something dangerous?
Apps are declarative artifacts, not arbitrary code with user credentials. They run inside a sandboxed runtime where every capability is a named grant, ungranted requests fail closed before side effects, and every action is audited. Higher-privilege run modes are disabled unless your policy explicitly enables them.
How does IT stay in control across hundreds of employees?
Policy defines which capabilities are grantable at all, which require IT approval, and which are banned. Central visibility — inventory, versions, grants, and audit — is on the design-partner roadmap and is exactly what we want to shape with early partners.
What does the design partner program involve?
Five companies, Q3 2026. A paid pilot with direct access to the founder: weekly working sessions, your policy requirements shaping the roadmap, and pricing locked ahead of general availability.
Your employees will build either way. Decide where.
A 30-minute briefing: the threat model for employee-built AI apps, a live walkthrough of the governed build loop, and whether a pilot fits your 2026 plans.
Book a CISO briefing