Shadow AI in the Enterprise: How to Find and Govern Unregistered AI

In every enterprise network scan we conduct, the findings are consistent: between 3 and 12 unregistered AI API endpoints are actively processing corporate data without governance oversight. Marketing teams pipe customer data through GPT. Engineering runs self-hosted Ollama instances. Data science calls Anthropic from personal accounts.

This isn't malicious. It's pragmatic. Teams adopt AI because it works, and the official procurement process takes 6 months. But the governance gap is real, and growing.

What Network Scans Reveal

VARC's Shadow AI Discovery module scans network ranges for outbound API calls to known AI providers. In a typical mid-size enterprise (5,000 employees), a standard scan reveals:

Commercial LLM APIs (3-5 endpoints): Calls to api.openai.com, api.anthropic.com, generativelanguage.googleapis.com. Employees using AI through browser extensions, personal API keys, or unauthorized SaaS tools.

Self-hosted models (1-3 endpoints): Ollama on port 11434, vLLM instances, HuggingFace inference servers. Often with zero access controls.

Azure/AWS AI services: Calls to Azure OpenAI or AWS Bedrock from developer accounts not governed by the central AI team.

The PII Exposure Problem

Over 60% of shadow AI endpoints we discover are processing personally identifiable information. Customer names, account numbers, medical records, and employee data flowing to AI systems with no data retention policies, no access logging, and no compliance framework applied.

Three Actions: Govern, Block, or Escalate

For each discovered endpoint, VARC provides three actions:

Bring Under Governance: Onboard the endpoint into your AI Registry, assign it a governance profile, and route it through the SAGA enforcement pipeline. The AI continues operating, now governed.

Block and Report: Generate a firewall rule recommendation and notify the security team. The endpoint is shut down.

Escalate to CISO: Flag for investigation. The endpoint may be legitimate but unauthorized, or it may indicate a policy gap that needs addressing at the organizational level.

You Can't Govern What You Can't See

Shadow AI is the new shadow IT, except the data leakage vector is orders of magnitude worse. A shadow SaaS subscription might expose a credit card number. A shadow AI endpoint can expose your entire customer database in a single prompt.

Discovery is the first step. Governance is the destination.