[ SYSTEM_DIRECTORY / SHADOW_AI DETECTION ]

Shadow AI Detection

Five-layer discovery. From network proxy logs to on-device models running below the browser.

+ + + +

Identify unauthorised AI tool usage before the regulator does. A single unmanaged seat using corporate credentials on ChatGPT Enterprise creates three simultaneous exposures: licensing waste, a GDPR Article 28 data transfer liability, and a gap in your EU AI Act Article 9 risk inventory. Mima maps all five discovery layers — network proxy logs, OAuth grants, browser extension telemetry, endpoint binaries, and on-device AI models (LM Studio, Ollama) — into one classified inventory.

Every discovered AI asset is classified (Sanctioned, Monitored, Blocked, Unclassified), scored for risk, and mapped to your DLP policies. Prompt guard logs record what was queried, by whom, and with what data — without tracking user activity or logging keystrokes. Compliance posture is scored simultaneously against EU AI Act, NIST AI RMF, and ISO 42001. Blocking actions route through your configured autonomy level before executing.

[ SHADOW AI TELEMETRY CLASSIFICATION ]
ChatGPT Plus Enterprise
Source: SaaS
[ Classification: MONITORED ]
Notion AI Assistant
Source: SaaS
[ Classification: SANCTIONED ]
Midjourney Design Engine
Source: SaaS
[ Classification: UNCLASSIFIED ]
LM Studio (Local Model)
Source: Local [ BELOW THE BROWSER ]
[ Classification: LOCAL / MONITORED ]