Skip to main content
Shadow AI refers to AI agents used by employees without explicit approval from security teams. Oso continuously discovers AI agent usage across your organization and flags agents that have been marked as disallowed.

How it works

Oso maintains a catalog of known AI agents. As a security admin, you mark each agent as allowed or disallowed based on your company’s policy. Oso then continuously checks for violations using three discovery channels and alerts you when it finds something.

Agent catalog

The agent catalog is a unified list of known AI agents, organized by environment type:
  • Terminal: Claude Code, Codex, Gemini CLI
  • Desktop: Claude Desktop, Cursor, Antigravity, OpenClaw, Windsurf, Kiro, Microsoft Copilot
  • Browser: Claude.ai, ChatGPT, Gemini, Deepseek, Grok, Perplexity, Mistral, Cohere
Each agent in the catalog can be marked as allowed or disallowed. Oso enables detection for disallowed agents by default. You can optionally enable alerts for unreviewed agents too, if you want broader coverage.

Discovery channels

Oso discovers agent usage through three channels, each providing a different level of visibility.

EDR integration

Oso integrates with your EDR platform to scan endpoints for agent software, including desktop apps, CLI tools, and background processes. This detects agents that are installed on devices, even if they haven’t been used yet. Because EDR scans for installed software, it can detect agents before they generate any network traffic. Set up your EDR integration →

Browser extension

The Oso browser extension monitors sessions to known AI web app domains. When an employee starts a conversation with a browser-based AI tool, Oso records which agent was used, by whom, and on which device. Set up the browser extension →

Edge proxy

When agents are configured to route LLM traffic through Oso’s edge proxy, Oso detects them automatically. The proxy also enables full session monitoring for those agents. Set up the edge proxy →

What you see

The inventory view shows all discovered agents across your organization:
ColumnDescription
AgentThe agent name and environment type (Terminal, Desktop, Browser)
DevicesHow many devices the agent has been found on
UsersWhich users are associated with the agent
Last SeenWhen the agent was last detected
SessionsNumber of monitored sessions (populated once traffic flows through Oso)

Discovered vs. Monitored

Agents fall into two categories based on how they are integrated:
  • Discovered: Oso knows the agent is installed or in use. You can see the agent, the devices it’s on, and the users associated with it.
  • Monitored: Oso has full session-level visibility into prompts, completions, tool calls, and data flow. This requires agent traffic to flow through Oso (via the edge proxy or browser extension).
As you roll out additional integrations, more agents can move from discovered to monitored.

Responding to discoveries

When Oso detects an unsanctioned agent, it sends an alert via Slack. Clicking through takes you to the trigger details page, where you can see:
  • Which agent was detected
  • On which devices and by which users
  • The detection source (CrowdStrike, Browser Extension, or Edge Proxy)
  • Prior violations for the same trigger
The Users & Devices view shows which users have the agent installed and on which devices. Learn more about Alerts →