Alternatives & comparisons
Lockdown Browser Alternatives for the AI Cheating Era
A lockdown browser enforces rules inside one exam window. That was enough when cheating meant opening another tab. In 2026 the dominant threats live below the browser, where no lockdown browser can see them. Here is the network-layer alternative.
Other exam-security alternatives to consider
No single tool covers every layer. Here is how the rest of the lockdown-browser and proctoring-service field compares on the same AI-cheating threat model.
What a Lockdown Browser Actually Does
A lockdown browser takes over the exam window and enforces rules inside it: blocks new tabs, disables copy-paste, suppresses notifications, and prevents navigation away from the assessment. Respondus LockDown Browser, Safe Exam Browser, and ExamSoft Examplify are dedicated lockdown applications; the secure-browser modes inside Honorlock and Proctorio do the same job. They do it well, and at scale.
That model was built for a world where cheating meant opening another browser tab. The window was the battlefield, so locking the window solved the problem.
The Structural Blind Spot: One Window on a Multi-Process Machine
A lockdown browser is one process. The candidate's operating system runs dozens. Anything outside that locked window, whether a separate desktop app, a local model loaded into memory, or a remote-access tunnel, sits entirely outside its visibility.
This is not a bug in any specific product. It is the architectural boundary of every application-layer tool: a window cannot see the machine it runs on. The whole category shares the same horizon.
What Changed: The Threat Moved Below the Browser
Three classes of tool now do their work entirely outside the exam window:
- Invisible AI overlays. Cluely, Pluely, InterviewCoder, and unknown forks are separate desktop apps that mark themselves invisible to screen capture (WDA_EXCLUDEFROMCAPTURE). They never touch the locked browser window.
- On-device LLMs. Ollama, LM Studio, and llama.cpp run in memory with no outbound network traffic to inspect.
- Remote-access tools and RATs. These present as normal OS processes: a second person driving the session from off-screen.
None of these touch the locked browser window, so no lockdown browser can see them. The window is still locked. The exam is still compromised.
Why Process-Name Denylists Fail
The common industry reaction is to add specific tool process names to a denylist. That catches one named binary, and goes blind the instant the name changes, the tool is recompiled, or a new fork ships. Cheating tools rename themselves faster than denylists can be updated.
Aiseptor detects the technique that is invariant across tools, not the name of any one tool.
- Screen-capture-exclusion flags (e.g. WDA_EXCLUDEFROMCAPTURE)
- Electron renderer-child process trees
- Install-path fingerprints
- GPU memory-allocation deltas consistent with local model inference
- Network-layer handshake fingerprints (DNS / SNI / TLS client-hello) at the network layer
Renamed, unknown, and future tools trip the same controls because they all rely on the same underlying behaviors.
Comparison: Lockdown Browsers vs. Network-Layer Enforcement
These address different layers. Neither is a complete solution on its own.
| Capability | Lockdown browsers (category) | Aiseptor (Network Layer) |
|---|---|---|
| Lock the exam browser window | Yes | Yes (Aiseptor Secure Browser, beta)Beta |
| See processes outside the browser | No | Yes |
| Invisible AI overlays (any tool, named or not) | No | Yes (technique-based) |
| On-device LLMs | No | Yes |
| OS-wide network / DNS / SNI enforcement | No | Yes |
| Resistant to process rename / unknown tools | No (name lists) | Yes (invariant-based) |
Beta: Aiseptor Secure Browser is in beta. Every other “Yes” in this table describes network-layer enforcement already in general availability.
Which Lockdown Browser Are You Comparing?
Each product handles the browser layer differently, but they share the same blind spot. Pick the one you use for a head-to-head breakdown.
The Honest Answer: Aiseptor Now Covers the Browser Layer Too
Until recently the honest answer was “different layers, not a replacement”: keep your lockdown browser and add Aiseptor's enforcement beneath it. That is changing. Aiseptor Secure Browser (in beta) is a lockdown / secure exam browser for Mac and Windows, so Aiseptor now covers the application layer as well as the network and device layer. One platform instead of two vendors.
Aiseptor Secure Browser locks the exam window like any lockdown browser, but it is backed by the network-layer enforcement that catches what the window cannot see: invisible overlays, on-device LLMs, and remote-access tools, on any candidate device. The one surface it does not cover is physical identity and the room. Pair it with a live proctor for that.
Deployment: 30 Seconds, No Admin Rights, Any Device
Aiseptor deploys as a user-space process: no kernel driver, no IT ticketing, no managed-device requirement. A candidate on their personal laptop can be in a compliant session in 30 seconds. Start with 5 free sessions.
Frequently Asked Questions
What is a lockdown browser?
A lockdown browser is a restricted application that takes over the exam window: it blocks new tabs, disables copy-paste, suppresses notifications, and prevents navigation away from the assessment. Respondus LockDown Browser, Safe Exam Browser, and ExamSoft Examplify are dedicated lockdown browsers; Honorlock and Proctorio ship secure-browser modes that do the same thing inside the browser.
Can a lockdown browser detect Cluely or other invisible AI overlays?
No. An invisible overlay like Cluely is a separate desktop application that marks itself invisible to screen-capture APIs (WDA_EXCLUDEFROMCAPTURE). It never touches the locked browser window, so no lockdown browser, by architecture, can see it. This is a layer boundary, not a detection gap.
Can a lockdown browser detect on-device LLMs like Ollama or LM Studio?
No. Local LLMs run entirely in device memory with no outbound network traffic. A lockdown browser has no visibility into processes outside its own window, so it cannot detect, flag, or block local AI inference.
Doesn't adding tool names to a denylist solve this?
It solves it for exactly as long as the binary's name stays the same, which is hours, in practice. A denylist entry is a string match against a process name or bundle ID; renaming the executable, recompiling from source, or forking under a new name clears it instantly with zero code changes. The four invariants Aiseptor checks instead (capture-exclusion flags, renderer-child process trees, install-path fingerprints, and network-layer handshake fingerprints) are properties of how the technique works, not what the tool is called, so they don't reset on a rename.
What is the best alternative to a lockdown browser for AI cheating?
There isn't a single drop-in replacement: the honest framing is coverage, not substitution. Keep the lockdown browser (or move to Aiseptor Secure Browser, see above) for tab and window control, and add network-layer enforcement underneath it for the surface no browser-layer tool reaches. Institutions running both report the browser layer catching casual tab-switching while the network layer catches the overlay and local-LLM cases that would otherwise show a clean session log.
Where Aiseptor Fits: Beneath, Not Instead Of
Aiseptor is a layer, not a rip-and-replace. It sits beneath your lockdown browser, and beneath any lockdown browser or proctoring service, owning the device and network layer those tools architecturally cannot reach. Keep what you have for browser control or webcam proctoring; add Aiseptor for the OS- and network-level AI threats it was built to stop. The exam page can open in a normal browser while Aiseptor enforces the machine boundary.
What Aiseptor does not do: physical and environment security is out of scope. Aiseptor does not verify identity, watch the room, or catch a phone, a paper note, or an in-person accomplice off-camera. For those, pair Aiseptor with a live proctor or an identity-verification step. Aiseptor secures the device and the network path, not the physical room around it.
Run a free session with network-layer enforcement
5 sessions free, no credit card. See what a lockdown browser architecturally cannot reach, blocked in the audit log before the exam starts.