As SaaS vendors look to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the AI world: shadow AI.
Shadow AI refers to the unauthorized use of AI tools and co-pilots within organizations. For example, a developer using ChatGPT to help write code, a salesperson downloading an AI-powered meeting transcription tool, or a customer service representative using Agentic AI to automate tasks—without going through the appropriate channels. When these tools are used without IT or security’s knowledge, they often lack security controls, putting company data at risk.
Problems with the detection of shadow artificial intelligence
Because shadow AI tools are often built into established business applications through AI assistants, co-pilots, and agents, they are even more difficult to detect than traditional shadow IT. While traditional shadow apps can be identified using network monitoring methodologies that scan unauthorized connections based on IP addresses and domain names, these AI helpers can fly under the radar because they share an IP address or domain with approved apps.
In addition, some employees use autonomous AI tools associated with personal accounts, such as personal instances of ChatGPT, to assist with work tasks. Although these AI applications are not connected to corporate infrastructure, there is a risk that employees will enter sensitive data into them, increasing the possibility of a data breach.
Shadow AI Security Risks
Like any other malware, AI malware expands its attack surface through uncontrolled integrations and APIs. They are often set up with weak configurations such as excessive permissions, repetitive passwords, and lack of multi-factor authentication (MFA), increasing the risk of exploitation and lateral network movement.
However, shadowy AI tools are even more dangerous than traditional shadowware due to their ability to absorb and share information. One study found that 15% of employees put company data into AI tools. As GenAI models learn from each interaction, there is a risk that they will reveal sensitive information to unauthorized users or spread misinformation.
How Reco Discovers Shadow AI in SaaS
Rivera SaaS security solution, uses AI-based graph technology to detect and catalog shadow AI. Here’s how Reco works:
- Active Directory Integration: Reco starts by integrating with your organization’s Active Directory, such as Microsoft Azure AD or Okta, to gather a list of approved and known AI applications and tools.
- Analyzing Email Metadata: Reco analyzes email metadata from platforms such as Gmail and Outlook to detect communication by unauthorized tools. It filters out internal apps and marketing emails and focuses on usage metrics like account confirmations and download requests.
- GenAI module matching: Using a proprietary, fine-tuned model based on interaction and NLP, Reco aggregates and refines the list by matching individuals with appropriate AI programs and tools. It then creates a list of all the SaaS applications and AI tools in use, who is using them, and what authentication mechanisms are being used.
- Detecting shadow apps: By comparing this list to a list of known AI apps and tools, Reco creates a list of unauthorized shadow AI apps and tools.
What Reco can tell you about Shadow AI Tools
After Reco compiles a list of shadow AI tools and applications, Reco can answer questions like:
What SaaS programs are currently being used in your organization? Which of these programs use co-pilots and co-pilots?
Reco inventories all applications running in your environment that are related to your business email. It creates a list of who uses what, how they authenticate, and creates activity logs to understand their behavior. Therefore, it can warn about suspicious activities such as excessive downloads, external file access or permission changes. It also provides a vendor risk assessment so security teams can prioritize riskier programs.
What connections exist between programs?
SaaS applications do not operate as islands. You need to understand how they interact with other programs to effectively manage risk. Reco shows all integrations between applications detected in your environment. For example, you can see whether an AI tool has been connected to business-critical applications like Gmail or Snowflake, and what permissions each AI application has.
Which individuals use each AI tool? What permissions do they have and how are they authenticated?
One of the main challenges in SaaS security is the lack of centralization – identity management is spread across multiple applications. Reco unifies credentials across all SaaS applications so you can manage them from a single console. You can see what permissions each person has, how they authenticate, and whether they have administrator privileges. Who doesn’t have an MFA enabled? Who has excessive permissions? You can create roles and enforce policies that span multiple applications.
What actions did each individual perform in SaaS and AI applications and when did they occur?
Reco’s AI-powered knowledge graph technology maps all detected SaaS applications, including sanctioned and shadow programs, to the identities of both people and machines, their permission levels, and activities. The knowledge graph then looks for changes in these vectors over time. If the graph shows a sharp change, then Reco warns of an anomaly. For example, if there is a decline in user engagement, Reco can predict that an employee is planning to leave the organization.
Find out which AI applications are accessing sensitive data and who is using them. Then implement governance and access control policies through the Reco platform.
What Reco can’t do for Shadow AI security
Because Reco is agentless and read-only, there are some limitations to its shadow AI security capabilities. Here’s what Reco can’t do:
- Prohibit data entry: Reco cannot prevent users from entering sensitive data into unauthorized AI tools or applications.
- Block Shadow AI Tools: Reco does not directly block or disable shadow AI tools or integrations as it does not interfere with the app’s functionality.
- Restrict user behavior: Reco can’t enforce policies or prevent users from accessing unapproved tools — it can only detect and warn about activities.
- Change permissions: Reco cannot modify user rights or revoke access to shadow AI tools as it has read-only access to data and no write access to SaaS applications.
- Stop API integration: Reco can’t prevent shady third-party AI tools from connecting through the API, but it can identify those connections and warn about them.
At the end of the day, Reco is a visibility and discovery tool. It cannot take action itself, but it can provide security teams with the knowledge they need to take appropriate action at the right time to reduce risks.
How Reco continuously protects SaaS applications and AI tools
After Reco discovers, inventories, and ranks all of your shadow apps and AI tools, Reco provides ongoing security throughout the entire SaaS lifecycle. Reco supplies:
- Posture management and compliance: Reco detects misconfigurations that could put your data at risk, such as excessive user rights, open files, outdated accounts, and weak authentication mechanisms. The How To Fix feature provides instructions on how to fix the risks. It continuously monitors for configuration changes that may lead to data exposure through SaaS Security Posture Management (SSPM).
- Identities and access management: Reco unifies credentials across your SaaS applications, enabling centralized management of permissions and roles. By analyzing user permission levels and user behavior within your SaaS ecosystem, Reco provides visibility into critical exposure flaws that could lead to a breach.
- Threat detection and response: Reco delivers real-time alerts for unusual activity that may indicate malicious intent, such as failed travel, unusual downloads, suspicious permission changes, or repeated failed login attempts. It integrates with your SIEM or SOAR so organizations can effectively address SaaS risks within existing workflows.
To know more about Reco, you can see pre-recorded demo here. Or visit reco.ai to schedule a live demo.
