SailPoint improves visibility and control over unauthorized AI use

SailPoint has announced the launch of SailPoint Shadow AI Remediation, the latest component of its real-time AI governance and security framework. This solution enables organizations to discover, monitor, and secure the use of unauthorized AI tools, known as “shadow AI,” helping to mitigate the security and compliance risks associated with the rapid growth of artificial intelligence.

As employees turn to AI platforms like ChatGPT, Claude, Gemini, and others to enhance productivity, they often do so outside of approved IT channels. This “shadow AI” introduces a critical challenge for enterprises: creating a significant blind spot and loss of control for security leaders over how employees interact with these platforms.

SailPoint Shadow AI Remediation addresses this by providing real-time visibility into how employees use these tools, including monitoring document uploads and interaction frequency. This capability is crucial in an environment where, according to a report that was recently published, 80% of organizations report their AI agents have performed unintended actions, such as accessing or sharing inappropriate data.

SailPoint Shadow AI Remediation helps organizations:

• Gain real-time visibility into shadow AI usage: Organizations gain immediate visibility into how employees are utilizing unmonitored AI tools. This visibility tackles the critical risk of sensitive data exposure from employees unknowingly uploading confidential files into unapproved AI models.
• Enable proactive remediation and centralized oversight: Security teams are empowered to actively prevent misuse by blocking unauthorized uploads, redirecting users to sanctioned AI tools, or prompting them for business justification. This centralized oversight helps reduce security gaps and promotes compliance in an increasingly AI-driven world.
• Facilitate easy deployment with minimal user impact: Designed for an effortless rollout, the solution can be deployed via a simple browser extension using standard device management tools like Intune or JAMF, requiring no networking or infrastructure updates. This allows for implementation of applicable security measures without disrupting the end-user experience.

“Many vendors are trying to solve the shadow AI problem with isolated browser or endpoint tools, but that misses the bigger picture. This is fundamentally an identity challenge,” said Chandra Gnanasambadam, EVP of Product and Chief Technology Officer at SailPoint.

“We believe controlling AI usage is best achieved through a platform-centric approach that unifies identity, data, and security intelligence in real-time. Our real-time AI governance and security framework is built on this principle. By linking human and non-human identities, we provide the context needed to not just see shadow AI, but to govern it effectively. Shadow AI delivers robust real-time visibility, proactive remediation, and seamless deployment, all deeply integrated with the SailPoint Platform,” Gnanasambadam added.

The release of Shadow AI Remediation is an important milestone for SailPoint’s real-time AI governance and security framework. This framework unifies Agent Identity Security, Machine Identity Security, Data Access Security, and now Shadow AI Remediation to provide a holistic approach to securing AI.

By integrating AI tool usage activity into SailPoint’s Identity Security Cloud, organizations can enrich their identity graph, adding important context that enables more intelligent decisions about access and risk. We believe SailPoint’s platform-centric approach, which links human and non-human identities with data and security intelligence, uniquely positions the company to help businesses navigate the complexities of AI security.