Tags: SOC2 CC6.6 · NIST 800-53 SC-7 · Shadow IT · Egress Firewall · Deep Prototype

EgressGate — Third-Party API Egress Allow-List

28 outbound destinations from 8 production services. Allow-list state, 7-day traffic baseline, 4-dimension anomaly score (request rate, error rate, response size, geographic dispersion). Surfaces shadow IT (api.anthropic.com from a still-unidentified ECS task), denied destinations (Google Fonts leaking visitor IPs), and one bare-IP exfil drill.


What it is

The shape behind boundary-protection tooling (Wiz, Lacework, Cloudflare Tunnel egress). Every outbound destination on one screen. State, 7-day volume, 4-dimension anomaly score. The shape an auditor asks for when they say “show me everywhere your data leaves the perimeter.”

What’s in it

  • 28 outbound destinations — Stripe, SendGrid, Twilio, Intercom, Segment, Datadog, Sentry, Snowflake, Auth0, OpenAI (review queue — new vendor, 2.3× baseline), Anthropic (shadow IT — no DPA, source service unidentified), GitHub, npm, PyPI, ghcr.io, MaxMind GeoIP, Slack, PagerDuty, Heap (denied — marketing tag pulled but DNS still resolves), Mixpanel (review — sunset in progress), Google Fonts (denied — leaks visitor IP), jsDelivr (review — supply-chain risk), Zendesk (denied — replaced 8mo ago but a batch job still calls), bare IP 45.142.215.92 (denied — drill).
  • 4 states — allow / review / deny / unknown (shadow IT).
  • 7-day baseline vs current traffic — every destination shows the volume delta. OpenAI at +234% over baseline triggers the review state.
  • 4-dimension anomaly score (0-5 each) — request rate, error rate, response size, geographic dispersion. Composite drives the queue.
  • Real network-policy YAML per destination — copy-pasteable allow/deny/log rules for the egress firewall.
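The scoring and state triage described above, as an added example in plain JavaScript (not EgressGate's own code). The 0-5 bucket edges, the composite threshold and the allow/deny lists are assumptions; the page only states that +234% over baseline moves a destination into the review state.

```javascript
// Added example, not EgressGate's code. Bucket edges, the composite
// threshold and the sample lists below are assumptions for illustration.

// Constructed allow/deny lists (hypothetical sample data).
const ALLOW_LIST = new Set(["api.stripe.com", "api.openai.com", "fonts.googleapis.com"]);
const DENY_LIST = new Set(["fonts.googleapis.com"]); // denied: leaks visitor IP

// Score one dimension 0-5 from the ratio current / 7-day baseline.
function dimScore(current, baseline) {
  if (baseline === 0) return current > 0 ? 5 : 0; // no history: any traffic is maximal
  const ratio = current / baseline;
  if (ratio <= 1.25) return 0;
  if (ratio <= 1.5) return 1;
  if (ratio <= 2) return 2;
  if (ratio <= 3) return 3;
  if (ratio <= 5) return 4;
  return 5;
}

// Per-dimension scores, composite (0-20) and request-rate delta vs baseline in %.
function anomalyScore(baseline, current) {
  const dims = ["requestRate", "errorRate", "responseSize", "geoDispersion"];
  const scores = {};
  for (const d of dims) scores[d] = dimScore(current[d], baseline[d]);
  const composite = dims.reduce((sum, d) => sum + scores[d], 0);
  const deltaPct = baseline.requestRate === 0
    ? Infinity
    : Math.round((current.requestRate / baseline.requestRate - 1) * 100);
  return { scores, composite, deltaPct };
}

// State triage: deny > unknown (shadow IT) > review > allow.
// A destination on the allow-list is sent to review when its request-rate
// delta reaches reviewDeltaPct or its composite score reaches 8 (assumed).
function triage(host, baseline, current, reviewDeltaPct = 100) {
  const { scores, composite, deltaPct } = anomalyScore(baseline, current);
  let state = "allow";
  if (DENY_LIST.has(host)) state = "deny";
  else if (!ALLOW_LIST.has(host)) state = "unknown";
  else if (deltaPct >= reviewDeltaPct || composite >= 8) state = "review";
  return { host, state, composite, deltaPct, scores };
}

// Review queue ordered by composite score, highest first.
function queue(rows) {
  return rows.filter((r) => r.state !== "allow").sort((a, b) => b.composite - a.composite);
}
```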

Why this shape

SOC2 CC6.6 (boundary protection), NIST 800-53 SC-7, CSA CCM IVS-09, ISO 27001 A.8.22 all measure the same thing: do you know where your data goes? The hardest finding to defend at audit is the shadow-IT row — an unknown destination with traffic, no DPA, no allow-list entry, no responsible owner. EgressGate surfaces those by default.

How it ships

Single HTML file, ~21KB. Zero dependencies. 28 destinations × 4 anomaly dims + per-state policy templates in 230 lines of vanilla JavaScript.
