Lumeus

Overview

Lumeus provides an Agent-native security platform that unifies Security Posture Management, Runtime Protection across multiple coding agents. It continuously discovers risks, manages security posture, and enforces runtime protection—directly at the AI agent edge.

Capabilities

AI-Native Runtime Protection & Forward Proxy:
Lightweight endpoint agents to enforce runtime inspection and protection by monitoring traffic and interactions within AI systems. It functions as a local Policy Enforcement Point (PEP) for both outgoing and incoming traffic.

• Acts as a forward HTTP proxy to inspect all IDE and CLI web traffic for threats or policy violations. We support 30+ parsers for common IDE, CLI agents, developer SaaS Apps (Jira, Github) and common Web AI (OpenAI, Claude etc).
• Performs Layer 7 inspection to detect prompt injection, data leaks, and unsafe completions.
• Integrates with reverse proxies like Teleport to secure SSH, Kubernetes, and web cluster access.

Model Context Protocol (MCP) Gateway:

• Secure Communication: Inspects and protects all communications between IDE/CLI agents and external MCP servers (e.g., List Tools or Tool Calls).
• Controls MCP configurations and blocks unsanctioned MCP servers.
• Supports both local and remote MCP servers.

Security Posture Management:
Functions as the Policy Control Point (PCP) to provide continuous posture management, plugin control, and guardrail enforcement.

• Repository Governance: Comprehensive repository access controls with git blocking, allowlist/blocklist management, and organizational policy enforcement to prevent unauthorized code access and maintain secure development environments
• File Protection: Sensitive file access protection with policy-based controls and data classification
• AI Guardrails: Leveraging IDEs native guardrails to prevent threats, data loss prevention (DLP), and enforce code guidelines through intelligent monitoring and policy enforcement
• Tamper Protection: Tamper-resistant security enforcement with uninstall protection and watchdog monitoring

Zero Trust Infrastructure Access:

• JIT Access: Just-In-Time provisioning for SSH servers, Kubernetes clusters, databases, and web applications
• Credential Management: Ephemeral credential generation with automatic expiration and lifecycle management
• Session Monitoring: Complete audit trails with real-time session monitoring and activity correlation

Prerequisites

A valid Lumeus tenant must be provisioned and organizational resources configured for centralized security management.

Visit lumeus.ai for platform onboarding or contact support@lumeus.ai to request access.

Troubleshooting

Forward Proxy Gateway

• Verify security certificates are properly installed
• Validate proxy agent operational status
• For Windsurf environments: reload Language Server Protocol when prompted
• Confirm network connectivity and firewall configurations

MCP Gateway Issues

• Ensure latest IDE with MCP support is installed
• Check firewall settings for MCP communication
• Toggle MCP server configuration to reset connection state
• Perform IDE window reload to refresh security context
• Validate MCP server configuration through management portal
• Verify secure gateway connectivity and policy inheritance

Connection Problems

• Check if required tools are installed for specific connections
• Verify network connectivity and resource availability
• Review extension logs for detailed error messages
• Ensure proxy settings are not interfering

General Issues

• Check extension logs using Output panel (View > Output > Lumeus)
• Verify settings configuration
• Try refreshing the resource list
• Use "Lumeus: View Logs" command for detailed logs
• Restart IDE if issues persist