Home/Platform/Device Guardian
Product · Device Guardian

Every device, individually attestable. Detect device cloning and takeover across Mac, Windows, iOS, Android and Linux, and contain it. Try the guardian console.

The RankShield Guardian protects every device in your business as one verifiable fleet. Each device gets a post-quantum identity, so cloning, intrusion, and takeover are detectable and containable, and a compromised device can be quarantined fleet-wide in seconds. Click through the guardian console below.

RANKSHIELD · GUARDIAN PROTECTING
--:--:-- UTC
DEMONSTRATION · the RankShield OS device guardian · attest → detect → contain
What you just used

The product that started RankShield.

RankShield's device guardian exists because the founder's own phone was cloned. In the console above you can attest a device, watch a clone get detected and quarantined, and arm a dead-man kill credential. Each device presents a real secure-enclave key, so a device showing two keys per install is flagged as a probable clone, and an unauthorized device never passes as trusted.

Mac, Windows, iOS, Android and Linux guardians all join the same tenant through one enrollment, so a mixed Naples office is covered under one verifiable roof, and you can quarantine any device from one place. It is the same network behind your WordPress plugin, Shopify app, and AI governance.

The point

Every block is a receipt you can verify.

When the guardian quarantines a device, the containment is provable. It is the same verifiable spine behind every RankShield product: authorize or block an action, sign it with a post-quantum signature, and seal it to a tamper-evident transparency log. That is why the dashboard above is a demonstration of the real mechanism, not a mockup with invented numbers. Learn how the whole control plane fits together on the platform page, or read the plain-English guide to verifiable security.

Honest about the demo.

  • The dashboard runs entirely in your browser. The counts are illustrative, not a specific customer's live data.
  • The mechanism it shows is real and standards-based (post-quantum signing, RFC 6962 logging, deny-by-default).
  • We do not claim “unhackable.” The ownable claim is verifiable — you can check what it did.
Questions

Device Guardian — common questions

How does it detect a cloned phone?
Each install binds to the device's real secure-enclave key. If the same account presents two distinct real keys, that is the signature of a clone, and the guardian flags and quarantines it. This came directly out of the founder's own experience with a cloned phone, and it is designed for high-confidence detection, not guesswork.
Does it work across Mac, Windows, and mobile?
Yes. Guardians ship for macOS, Windows, iOS, Android and Linux, and they all enroll into one company tenant through a single verifiable enrollment. A mixed office is covered under one roof, and you can see and revoke any device from the console.
What is the dead-man kill credential?
It is a post-quantum-signed revocation that the whole fleet honors instantly. If a device is captured or a person is under duress, the credential quarantines it fleet-wide, bounding the blast radius. In the console you can toggle it on in the Policy tab.
Get started

Protect your fleet with verifiable device security.

Tell us how many devices and which platforms, and we'll enroll your fleet into one verifiable tenant, with proof you can audit.