AI monitoring startup Lanai Inc. says it’s ready to tackle the growing risk presented by “shadow” artificial intelligence with the launch of its new observability agent, which runs so-called “detection models” directly on corporate devices, instead of routing conversations through centralized cloud infrastructure.
Lanai says its AI Observability Agent is the next step in AI governance, eliminating the risks associated with employees who use unauthorized chatbots and services. It provides full visibility into employee’s generative AI interactions across any application, without sending data outside of an organization’s own network.
The startup believes that “shadow AI” has become an acute crisis for enterprises, citing a study by LayerX Ltd. that shows more than 89% of all enterprise AI usage is completely invisible to information technology and security teams. That’s because employees are doing things such as using personal ChatGPT accounts for work to increase their productivity, while software engineers employ unauthorized tools such as Codeium and Cursor to help write code faster. In addition, many workers blithely feed sensitive information into the AI features embedded in platforms such as Salesforce, Adobe and Microsoft 365, without their supervisors knowing about it.
That’s problematic, according to Lanai co-founder and Chief Executive Lexi Reese, because it means security teams are being asked to secure things that they cannot see. “The shadow AI problem is exploding as employees are using personal accounts, unapproved coding agents and embedded AI features in everyday SaaS tools, and this all sits outside IT’s visibility,” she said. “Traditional tools might catch someone visiting ChatGPT.com, but they have no idea if that employee just shared company trade secrets or a client’s sensitive revenue information.”
Reese said Lanai’s AI Observability Agent embeds lightweight observability models onto every employee’s device to bring this activity out of the shadows and add guardrails to ensure that sensitive information is not being shared with third-party AI, ensuring safety without sacrificing speed or innovation.
Lanai’s observability agents can be integrated with existing data management tools within 24 hours or less, and enable dynamic detection across any application employees use, without the need to create static lists. They carry out prompt and response analysis in real time to ensure no sensitive data or workflow insights are being leaked, with all of the processing done on the employee’s device.
By using Lanai as a source of intelligence into what AI tools people are using, companies can approve the services that are most useful and shut down others to protect vast amounts of data, the startup said.
