SailPoint, Inc. (Nasdaq: SAIL), a leader in unified identity security for enterprises, today announced the launch of SailPoint Shadow AI Remediation, the next major component of its real-time AI governance and security framework. This innovative solution empowers organisations to discover, monitor, and secure the use of unauthorised AI tools, known as “Shadow AI,” helpingto mitigate significant security and compliance risks associated with the explosive growth of artificial intelligence.
As employees increasingly turn to AI platforms like ChatGPT, Claude, Gemini, and others to enhance productivity, they often do so outside of approved IT channels. This “Shadow AI” introduces a critical challenge for enterprises: creating a significant blind spot and loss of control for security leaders over how employees interact with these platforms. SailPoint Shadow AI Remediation addresses this by providing real-time visibility into how employees use these tools, including monitoring document uploads and interaction frequency. This capability is crucial in an environment where, according to a report that we recently published, 80% of organisations report their AI agents have performed unintended actions, such as accessing or sharing inappropriate data.
SailPoint Shadow AI Remediation helps organisations:
-
Gain real-time visibility into Shadow AI usage: Organisations gain immediate visibility into how employees are utilising unmonitored AI tools. This visibility tackles the critical risk of sensitive data exposurefrom employees unknowingly uploading confidential files into unapproved AI models.
-
Enable proactive remediation and centralised oversight: Security teams are empowered to actively prevent misuse by blocking unauthorised uploads, redirecting users to sanctioned AI tools, or prompting them for business justification. This centralised oversight helps reduce security gaps and promotes compliance in an increasingly AI-driven world.
-
Facilitate easy deployment with minimal user impact: Designed for an effortless rollout, the solution can be deployed via a simple browser extension using standard device management tools like Intune or JAMF, requiring no networking or infrastructure updates. This allows for implementation of applicable security measures without disrupting the end-user experience.
“Many vendors are trying to solve the Shadow AI problem with isolated browser or endpoint tools, but that misses the bigger picture. This is fundamentally an identity challenge,” said Chandra Gnanasambadam, EVP of Product and Chief Technology Officer at SailPoint. “We believe controlling AI usage is best achieved through a platform-centric approach that unifies identity, data, and security intelligence in real-time. Our real-time AI governance and security framework is built on this principle. By linking human and non-human identities, we provide the context needed to not just see Shadow AI, but to govern it effectively. Shadow AI delivers robust real-time visibility, proactive remediation, and seamless deployment, all deeply integrated with the SailPoint Platform.”
The release of Shadow AI Remediation is an important milestone for SailPoint’s comprehensive real-time AI governance and security framework. This framework unifies Agent Identity Security, Machine Identity Security, Data Access Security, and now Shadow AI Remediation to provide a holistic approach to securing AI. By integrating AI tool usage activity into SailPoint’s Identity Security Cloud, organisations can enrich their identity graph, adding important context that enables more intelligent decisions about access and risk. We believe SailPoint’s platform-centric approach, which links human and non-human identities with data and security intelligence, uniquely positions the company to help businesses navigate the complexities of AI security.
