Alternatives & comparisons
ExamSoft & Examplify Alternatives for the AI Cheating Era
Examplify secures its own exam application well. But a secure exam app is one layer on a multi-process machine. Invisible overlays, on-device LLMs, and remote-access tools all live outside that sandbox. Here is the device-layer gap in 2026.
What ExamSoft Does Well
ExamSoft and its candidate app, Examplify, are a downloadable secure exam application built for high-stakes assessment: bar exams, medical and nursing boards, professional certification. Candidates download the exam, take it with the device locked into the exam app, and upload answers afterward.
That offline-capable delivery model is its real strength. For high-stakes licensure, where you cannot assume reliable network connectivity in every testing room, an exam that runs without a network dependency is a feature, not a compromise.
The Architectural Limit: A Sandbox on a Multi-Process Machine
Examplify secures its own application sandbox on the device. The candidate's OS, meanwhile, runs dozens of other processes. An invisible overlay and a local language model both run as separate processes alongside the exam app, not inside it. For overlays, the process marks itself invisible to screen capture, so it is hidden even from a screenshot.
This is not a flaw in ExamSoft. It is the architectural boundary of any application-layer tool: an application sandbox does not enforce OS-wide network policy and does not enumerate hidden overlay processes. Anything outside the sandbox is outside its visibility.
The offline model sharpens this. Offline delivery means there is no network-layer enforcement against an on-device LLM or a second-process overlay running alongside the exam. The strength for licensure delivery is precisely what leaves the device surface unguarded.
What Changed in 2025–2026
The threat moved out of the exam app and onto the device. Cluely is an OS-layer overlay that marks itself invisible to screen-capture APIs. A sandboxed exam app cannot see it. Local LLMs (Ollama, LM Studio) run in process memory with no outbound traffic. Pluely and open-source forks share the same architecture and rename themselves freely.
That is why detection by technique beats detection by name. Aiseptor looks for the screen-capture-exclusion flag itself (WDA_EXCLUDEFROMCAPTURE), Electron renderer trees, GPU VRAM deltas, .gguf and mmap model signatures, and DNS or SNI to AI endpoints. An unknown or renamed overlay is caught the same way a known one is. A secure exam app cannot see any of this from inside its own sandbox.
Comparison: ExamSoft vs. Device-Layer Enforcement
These tools address different layers. Neither is a complete solution on its own.
| Capability | ExamSoft / Examplify | Aiseptor (Device + Network) |
|---|---|---|
| Secure exam application + offline delivery | Yes | No (complementary) |
| Invisible AI overlays (Cluely, Pluely, unknown forks) | No | Yes |
| On-device LLMs (Ollama, LM Studio) | No | Yes |
| OS-wide network / DNS enforcement | No | Yes |
| Detects the technique, not just a process name | No | Yes |
| Remote-access tools / RAT detection | No | Yes |
The Honest Answer: Different Layers, Not a Replacement
ExamSoft is strong for offline, high-stakes licensure delivery, where running without a network dependency is the whole point. Aiseptor adds the live device and network-layer enforcement that a sandboxed secure exam app cannot reach. They address different attack surfaces.
For proctored online delivery, the two are complementary: keep the secure exam application for the content and locked workflow, and add Aiseptor for the overlays, on-device LLMs, and remote-access tools running on the same machine.
See also: Respondus LockDown Browser alternatives and Safe Exam Browser alternatives
Deployment: 30 Seconds, No Admin Rights, Any Device
Aiseptor deploys as a user-space process: no kernel driver, no IT ticketing, no managed-device requirement. A candidate on their personal MacBook can be in a compliant session in 30 seconds. From $2 per session.
Frequently Asked Questions
Does ExamSoft's Examplify block Cluely or invisible AI overlays?
No. Examplify secures its own application sandbox on the device. An invisible overlay like Cluely runs as a separate process and marks itself invisible to screen-capture APIs. A tool that secures its own sandbox does not enumerate other processes on the OS, so it cannot see or block an overlay running alongside it.
Can ExamSoft detect on-device LLMs like Ollama or LM Studio?
No. Local LLMs run as separate processes in device memory. Because ExamSoft's offline delivery model has no network dependency, there is no network-layer enforcement to detect outbound AI traffic, and an application sandbox does not inspect other processes' GPU memory or model files. Aiseptor catches local LLMs by GPU VRAM deltas, .gguf and mmap model signatures, and DNS or SNI to AI endpoints.
What is the best alternative to ExamSoft and Examplify?
For offline, high-stakes licensure delivery, ExamSoft is a strong, established secure exam application. For the AI-cheating threats that an application sandbox architecturally cannot address (invisible overlays, on-device LLMs, remote-access tools), device- and network-layer enforcement is the complementary layer. The two address different surfaces.
Does Aiseptor replace ExamSoft for bar exams and board exams?
Not as a like-for-like swap. ExamSoft's offline model is its strength for high-stakes licensure where network availability cannot be assumed. Aiseptor adds the live device and network enforcement layer that a sandboxed secure exam app cannot reach, which matters most for proctored online delivery.
Where Aiseptor Fits: Beneath, Not Instead Of
Aiseptor is a layer, not a rip-and-replace. It sits beneath ExamSoft and Examplify — and beneath any lockdown browser or proctoring service — owning the device and network layer those tools architecturally cannot reach. Keep what you have for browser control or webcam proctoring; add Aiseptor for the OS- and network-level AI threats it was built to stop. The exam page can open in a normal browser while Aiseptor enforces the machine boundary.
What Aiseptor does not do: physical and environment security is out of scope. Aiseptor does not verify identity, watch the room, or catch a phone, a paper note, or an in-person accomplice off-camera. For those, pair Aiseptor with a live proctor or an identity-verification step. Aiseptor secures the device and the network path — not the physical room around it.
Run a free session with device-layer enforcement
5 sessions free, no credit card. See what a secure exam app architecturally cannot reach, caught in the audit log before the exam starts.