Shadow AI Inventory
You blocked OpenAI at the firewall — then a confidential model showed up in prompt logs from a free chatbot anyway. Trinitite consumes the Secure Web Gateway telemetry you already have, correlates it against your governed traffic, and emits a signed, deduplicated inventory of unsanctioned AI usage. No new inline blocker to defend.
shadow_ai · summary · 30d (SIGNED)
342 shadow events · 41 users
chat.openai.com: 198 · shadow
*.anthropic.com: 76 · shadow
*.cursor.com: 54 · governed
sanctioned: 1,204
read-only · no block injected
We never inject into your SWG. We only read what it already exports.
The platform contributes the curated registry of AI endpoints, the correlation against governed traffic, and the signed evidence bundle the auditor can cite — leaving block decisions where your security team already trusts them. A senior partner can paste an M&A model into a free chatbot in twelve seconds; detection is the first defensible step.
How it works
01 Read SWG telemetry
Consume the DNS and URL events your Secure Web Gateway already exports — we never inject, decrypt TLS, or see request bodies.
02 Classify against the registry
Match each event against ai_destination_registry — Trinitite’s curated, maintained catalogue of known AI vendor endpoints, chat surfaces, and SDK CDNs.
03 Correlate ±60s
Check for a governed request to the same vendor by the same principal within ±60 seconds — the sanctioned Trinitite path counts as evidence the usage was governed.
04 Flag shadow
A known AI vendor with no governed equivalent in the window is flagged is_shadow and deduplicated to a single counted row per 24 hours.
05 Sign the inventory
Events are append-only and chain-linked into the unified ledger; the summary emits signed by_vendor, by_user, and totals rollups ready for a workpaper.
Zscaler NSS · Cisco Umbrella · Cloudflare Zero Trust · Netskope · Forcepoint · generic DNS
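An added sketch of steps 02 to 04 above (classify, correlate within ±60 seconds, flag and deduplicate); it is not Trinitite's code. The registry entries, event field names, sample events and the dedup key (principal, vendor, flag, UTC day) are assumptions constructed for the example.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone
from fnmatch import fnmatch

# Constructed stand-in for ai_destination_registry: host pattern -> vendor.
REGISTRY = {"chat.openai.com": "openai", "*.anthropic.com": "anthropic"}
WINDOW = timedelta(seconds=60)

def ts(s):  # parse a naive ISO timestamp as UTC
    return datetime.fromisoformat(s).replace(tzinfo=timezone.utc)

def classify(host):
    """Return the vendor for a hostname, or None if it is not in the registry."""
    host = host.lower().rstrip(".")
    for pattern, vendor in REGISTRY.items():
        if fnmatch(host, pattern):
            return vendor
    return None

def is_governed(when, principal, vendor, governed):
    """True if the same principal hit the same vendor on the governed path within +/-60 s."""
    return any(g["principal"] == principal and g["vendor"] == vendor
               and abs(g["time"] - when) <= WINDOW for g in governed)

def inventory(swg_events, governed):
    """Classify, correlate and deduplicate SWG events into counted rows."""
    rows, unknown = Counter(), 0
    for e in swg_events:
        vendor = classify(e["host"])
        if vendor is None:
            unknown += 1  # destination not in the registry
            continue
        shadow = not is_governed(e["time"], e["principal"], vendor, governed)
        # Assumed dedup key: one counted row per principal, vendor, flag and UTC day.
        rows[(e["principal"], vendor, shadow, e["time"].date())] += 1
    return rows, unknown

# Constructed sample data: one governed request and five SWG events.
GOVERNED = [{"principal": "alice", "vendor": "openai", "time": ts("2026-01-05T09:00:30")}]
SWG = [
    {"principal": "alice", "host": "chat.openai.com", "time": ts("2026-01-05T09:00:00")},    # governed, 30 s apart
    {"principal": "alice", "host": "chat.openai.com", "time": ts("2026-01-05T09:05:00")},    # shadow
    {"principal": "alice", "host": "chat.openai.com", "time": ts("2026-01-05T14:00:00")},    # shadow, same day
    {"principal": "bob", "host": "api.anthropic.com", "time": ts("2026-01-05T09:00:10")},    # shadow, other principal
    {"principal": "bob", "host": "intranet.example.com", "time": ts("2026-01-05T09:01:00")}, # unknown
]

if __name__ == "__main__":
    print(inventory(SWG, GOVERNED))
```

The correlation only holds if the SWG export and the governed-path log resolve to the same principal and share a synchronised clock; skew larger than the window turns governed requests into false shadow flags.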
The signed bundle
by_vendor: vendor, category, event_count, shadow_count, user_count — answers "where is the unsanctioned usage going?"
by_user: matched_user_id, raw principal, event_count, shadow_count — answers "who is doing it?" resolved to your IdP where possible.
totals: events, shadow, sanctioned, unknown_destinations — the top-line numbers for the executive summary and trend chart.
In your language
CISO
A signed, queryable inventory of every unsanctioned AI vendor visit by user, device, and time — from telemetry you already pay for, with no new inline blocker to defend in procurement.
Chief Audit Executive
"How do we know our AI inventory is complete?" — answered by a continuous, deduplicated, externally clock-anchored stream instead of an annual survey.
Compliance Officer
EU AI Act Annex IV §1 inventory, SR 11-7 §III shadow-model inventory, SOC 2 CC6.6, SOX §404 — all backed by the same signed event stream.
General Counsel
GDPR Art. 28: unsanctioned AI vendors are uncontracted processors. Detection is the first defensible step toward DPA closure or vendor enforcement.
By design
We do not inject blocks into your SWG: block decisions stay where your security team already enforces them.
We do not decrypt TLS: we consume domain / URL telemetry the SWG already extracted, never request bodies.
We do not mass-store raw logs: unmatched, unflagged events are dropped to keep the inventory consumable.
The governed-route content controls live in reversible masking; the audit substrate is the audit platform; the privacy program is for CPOs & compliance.
Point us at a read-only export from Zscaler, Umbrella, Cloudflare, or Netskope — get back a deduplicated, signed inventory of unsanctioned AI usage by vendor, user, and time.
Trinitite
AI governance that catches mistakes, proves compliance, and shows the board what it saved—in dollars.
Trinitite is built by Fiscus Flows, Inc.
© 2026 Fiscus Flows, Inc. · All rights reserved