Shadow AI Detection

Detect unauthorized AI and LLM usage across your environment by monitoring connections to OpenAI, Anthropic, HuggingFace, and other AI endpoints.

Shadow AI Detection identifies when applications or users connect to AI/LLM services that have not been explicitly approved by your organisation. This is critical for BFSI companies subject to RBI, DPDPA, and SOC 2 requirements around data handling.

How It Works

Endpoint library -- Aurva maintains a curated list of known AI/LLM API endpoints (OpenAI, Anthropic, HuggingFace, Google Vertex AI, AWS Bedrock, Azure OpenAI, Cohere, Replicate, and others).
Traffic observation -- The data-plane agent monitors outbound connections and matches destination domains against the endpoint library.
Payload inspection -- When a match is found, Aurva inspects the request for sensitive data patterns (PII, credentials, proprietary code).
Classification -- Each detected AI connection is tagged as Approved, Unapproved, or Under Review based on your governance policy.

Configuration

Managing the Endpoint Library

Navigate to Settings -> AI Security -> Endpoints to:

View the built-in endpoint list
Add custom endpoints (e.g. internal LLM proxies, self-hosted models)
Mark endpoints as Approved or Blocked

Approved vs. Blocked

Status	Behaviour
Approved	Connections are logged but do not trigger alerts
Blocked	Connections trigger a policy violation alert immediately
Under Review	Connections are flagged for manual triage

Alerts

When an unapproved AI connection is detected, Aurva generates an alert containing:

Source service and namespace
Destination endpoint and resolved domain
Whether sensitive data was present in the payload
Timestamp and volume

Alerts are routed via your configured Alert Routes to Slack, Jira, email, or SIEM.

Dashboard View

The AI Security dashboard shows:

Total AI connections (approved vs. unapproved) over time
Top services by AI API call volume
Sensitive data exposure events involving AI endpoints
Newly discovered AI endpoints not yet categorised