Skip to main content

Shadow AI

Shadow AI detects unauthorized AI agents and applications running across enterprise cloud and local endpoints. It supports the following categories of agents:

  • Desktop-installed agents — e.g., OpenClaw, OpenAI Codex, NanoClaw, Claude Code, Gemini CLI.
  • Browser agents — e.g., browser extensions, Gemini, Claude Chat, ChatGPT.
  • Cloud server agents — e.g., AWS Bedrock, GCP Vertex AI Agent, ServiceNow agent.

Key Capabilities

  • Behavior monitoring — real-time tracking of AI agent and application activity (process launches, network calls, file access) across enterprise environments.
  • Security alert detection — identifies operations and behavior patterns that may pose security risks and surfaces them as flagged sessions for review.
  • EDR integration — collects detailed endpoint telemetry through commercial EDR platforms. Microsoft Defender and CrowdStrike Falcon are supported today; SentinelOne is on the roadmap.

Integration

Shadow AI connects to your EDR framework using credentials you provide, then continuously pulls telemetry data from monitored endpoints. It correlates that telemetry against AI agent activity to surface:

  • Which AI agents are being used, by whom, and how frequently
  • The full invocation chain for each agent session — prompt, process operations, network communications, and file modifications
  • Behavioral patterns that match known risk signatures, flagged for review

Results are displayed in the Shadow AI dashboard with per-session detail views and a one-click security assessment across all recent activity.

Investigation and Trajectory

Every detected agent session can be opened in the Shadow AI -> Monitor view, which reconstructs the full endpoint activity captured by the EDR for that session — a timestamped chain of every process spawned, every outbound connection (e.g. api.openai.com, api.anthropic.com), and every file read or written, all attributed back to the originating agent invocation.

The trajectory view is the primary investigation surface for security teams: it shows the prompt that initiated the session, the device and account involved, and the event stack (e.g. an OpenClaw invocation that subsequently launched curl, docker, or powershell).