Discover the AI your employees already use
Most AI use in your company never reaches IT. Shadow AI surfaces it: which tools, which users, what data, what it costs and what risk it carries, captured through corporate egress and a Chrome/Edge extension, then approved or alerted on. Live in 24 hours, no SDK.
From discovery to governance on one screen
Shadow AI captures at the two places employees actually use AI: the corporate network egress and the browser itself. The egress catches API calls and unmanaged SDKs leaving your network; the Chrome/Edge MV3 extension captures the conversations that never leave the browser (ChatGPT, Claude, Gemini and Copilot), so streamed responses and full multi-turn conversations are reconstructed, not just domain hits.
The Overview quantifies the share of activity that is shadow and what it costs. Conversations scores each conversation from LOW to CRITICAL, including progressive exfiltration that builds across turns. Then you act on the same screen: approve a provider in the allowlist, or raise an alert on a cost spike, a DLP burst or a new provider.
What Shadow AI surfaces
Two-vector capture
Corporate egress plus a Chrome/Edge MV3 browser extension and an SDK, so every shadow call is surfaced wherever it leaves.
Per-user attribution
Every request mapped to a user, team and department, joined to your org structure via CSV import or SSO group sync.
Per-conversation risk scoring
Multi-turn conversations scored LOW to CRITICAL, catching progressive exfiltration that per-request DLP would miss.
Intent & behavioral signals
Classifies usage intent (code generation, data analysis, suspected exfiltration) and flags when declared and inferred sources disagree.
Provider allowlist
Approve providers and specific models. Anything outside the allowlist surfaces as shadow even when the provider is otherwise sanctioned.
Alerts
Rules for new provider, cost spike, DLP burst or new user, delivered to a webhook so security hears about it immediately.
Capture vectors and coverage
- Corporate egress: PAC file, transparent proxy, HTTPS interception via corporate root CA. Captures API calls and unmanaged SDKs leaving the network.
- Browser extension: Chrome / Edge MV3 (ChatGPT, Claude, Gemini, Copilot). Capture inside the page: streamed responses and conversation IDs, not just domains.
- Attribution: User, team, department, source, declared vs inferred. Org structure via CSV import and SSO group sync.
- Conversations: Multi-turn reconstruction with cumulative risk scoring. Detects exfiltration that builds across turns.
- Alerts: New provider, cost spike, DLP burst, new user. Threshold rules with webhook delivery.
Three steps to your first finding
- Deploy the capture sources. A single egress node plus the Chrome/Edge extension pushed through your endpoint manager. Capture starts the moment users open an AI tool.
- Watch the Overview. Within hours you see the share of shadow activity, its cost, top providers and users, and the riskiest conversations.
- Approve or alert. Allowlist the providers you trust and raise alerts on the rest: governance on the same screen as discovery.
Frequently asked questions
Does it work with ChatGPT, Claude and Gemini?
Yes. That is why we ship a Chrome/Edge MV3 extension alongside the egress proxy. The extension captures inside the page, so streamed responses and full multi-turn conversations are reconstructed, not just domain hits.
How is this different from a CASB like Zscaler or Netskope?
CASB/SWG tools see the domain (chatgpt.com) but not the content. Shadow AI parses the actual prompt and response, runs DLP on the content, reconstructs the conversation across turns, and scores its risk. They see who visited; we see what was said.
Will employees know they are being recorded?
Yes. The extension shows a status icon and an employee transparency portal lets each user see what was captured about them, with GDPR-grade delete requests. It is built for compliance, not surveillance.
How fast is the first finding?
Most teams see providers, users, departments, top conversations, DLP findings and cost within 24 hours of deploying the egress node and the extension.