How Reco Discovers Shadow AI in SaaS


As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI.

Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson downloading an AI-powered meeting transcription tool, or a customer support person using Agentic AI to automate tasks – without going through the proper channels. When these tools are used without IT or the Security team’s knowledge, they often lack sufficient security controls, putting company data at risk.

Shadow AI Detection Challenges

Because shadow AI tools often embed themselves in approved business applications via AI assistants, copilots, and agents, they are even harder to discover than traditional shadow IT. While traditional shadow apps can be identified through network monitoring that scans for unauthorized connections based on IP addresses and domain names, these AI assistants can fly under the radar because they share an IP address or domain with approved applications.

Additionally, some employees utilize standalone AI tools tied to personal accounts, like personal ChatGPT instances, to assist with work-related tasks. While these AI apps aren’t connected to corporate infrastructure, there’s still the risk that employees will input sensitive data into them, increasing the chance of data leaks.

Shadow AI Security Risks

Like any shadow apps, shadow AI apps expand the attack surface through unmonitored integrations and APIs. They’re often set up with weak configurations like excessive permissions, reused passwords, and no multi-factor authentication (MFA), increasing the risk of exploitation and lateral movement within the network.

However, shadow AI tools are even more dangerous than traditional shadow apps because of their ability to ingest and share information. One study found that as many as 15% of employees post company data in AI tools. Because GenAI models can learn from every interaction, there’s a risk they will expose sensitive information to unauthorized users or spread misinformation.

How Reco Discovers Shadow AI in SaaS

Reco, a SaaS security solution, uses AI-based graph technology to discover and catalog shadow AI. Here’s how Reco works:

  1. Active Directory Integration: Reco begins by integrating with your organization’s directory or identity provider, such as Active Directory, Microsoft Azure AD, or Okta, to gather a list of approved and known applications and AI tools.
  2. Email Metadata Analysis: Reco analyzes email metadata from platforms like Gmail and Outlook to detect communications with unauthorized tools. It filters out internal apps and marketing emails and focuses on usage indicators, like account confirmations and download requests.
  3. GenAI Model Matching: Using a proprietary, fine-tuned model trained on interaction data and NLP, Reco consolidates and cleans the list, matching identities with the corresponding apps and AI tools. It then produces a list of all SaaS apps and AI tools in use, who is using them, and which authentication mechanisms they use.
  4. Shadow Application Detection: By comparing this list against the list of known applications and AI tools, Reco produces a list of unauthorized applications and shadow AI tools.
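The four steps above describe a pipeline, not code, and Reco's own model and data sources are proprietary. As an added illustration (not Reco's code), the following Python sketches the email-metadata approach end to end: it filters constructed sender/subject metadata for usage indicators (account confirmations, verification links, login codes, download notices), drops internal mail and marketing senders, maps the remaining sender domains to a small hypothetical tool catalogue, records a rough authentication hint per identity, and finally diffs the inventory against an approved list. The domains, tool names, and catalogue entries are all assumptions invented for the example.

```python
"""Toy shadow-AI discovery over email metadata (added example, not Reco's code).

Input is constructed (recipient, sender, subject) metadata only; no message
bodies are read. Catalogue, domains and approved list are hypothetical.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

CORPORATE_DOMAIN = "example.com"

# Constructed sample metadata: (recipient, sender, subject).
SAMPLE_EMAILS = [
    ("alice@example.com", "no-reply@chatgpt-example.test", "Confirm your ChatGPT account"),
    ("alice@example.com", "news@chatgpt-example.test", "Top 10 prompts this week"),
    ("bob@example.com", "welcome@transcribe-example.test", "Welcome! Verify your email to finish signing up"),
    ("bob@example.com", "hr@example.com", "Open enrollment reminder"),
    ("carol@example.com", "notifications@crm-example.test", "Your CRM login code is 123456"),
    ("dave@example.com", "billing@transcribe-example.test", "Your download is ready"),
    ("erin@example.com", "signup@unknown-vendor.test", "Please confirm your new account"),
]

# Hypothetical catalogue: sender domain -> (tool name, is_ai_tool).
TOOL_CATALOGUE = {
    "chatgpt-example.test": ("ChatGPT (example)", True),
    "transcribe-example.test": ("MeetingTranscriber (example)", True),
    "crm-example.test": ("CRM (example)", False),
}
APPROVED_TOOLS = {"CRM (example)"}  # assumed allowlist from the IdP/app catalogue

# Subject-line signals. Usage indicators are kept; marketing is dropped.
USAGE_PATTERNS = [r"\bconfirm\b", r"\bverify\b", r"\bwelcome\b", r"\blogin code\b", r"\bdownload\b"]
MARKETING_PATTERNS = [r"\btop \d+\b", r"\bnewsletter\b", r"\bwebinar\b"]
MARKETING_LOCALPARTS = {"news", "marketing", "promo"}


@dataclass(frozen=True)
class Finding:
    identity: str
    tool: str
    is_ai: bool
    auth_hint: str


def sender_domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower()


def is_usage_indicator(sender: str, subject: str) -> bool:
    """True when the mail looks like account/usage activity from an external tool."""
    if sender_domain(sender) == CORPORATE_DOMAIN:
        return False  # internal mail is not evidence of third-party SaaS use
    if sender.split("@", 1)[0].lower() in MARKETING_LOCALPARTS:
        return False
    subj = subject.lower()
    if any(re.search(p, subj) for p in MARKETING_PATTERNS):
        return False
    return any(re.search(p, subj) for p in USAGE_PATTERNS)


def auth_hint(subject: str) -> str:
    """Very rough authentication-mechanism guess from the subject line."""
    subj = subject.lower()
    if "login code" in subj or "one-time" in subj:
        return "otp"
    if "confirm" in subj or "verify" in subj:
        return "email-verified account"
    return "unknown"


def discover(emails, catalogue=TOOL_CATALOGUE, approved=APPROVED_TOOLS):
    """Return (inventory, shadow, shadow_ai, unmatched_domains)."""
    findings: set[Finding] = set()
    unmatched: set[str] = set()
    for recipient, sender, subject in emails:
        if not is_usage_indicator(sender, subject):
            continue
        entry = catalogue.get(sender_domain(sender))
        if entry is None:
            unmatched.add(sender_domain(sender))  # external tool we cannot name yet
            continue
        tool, is_ai = entry
        findings.add(Finding(recipient, tool, is_ai, auth_hint(subject)))
    inventory = sorted(findings, key=lambda f: (f.tool, f.identity))
    shadow = [f for f in inventory if f.tool not in approved]
    shadow_ai = [f for f in shadow if f.is_ai]
    return inventory, shadow, shadow_ai, sorted(unmatched)


if __name__ == "__main__":
    inv, shadow, shadow_ai, unmatched = discover(SAMPLE_EMAILS)
    for f in shadow_ai:
        print(f"shadow AI: {f.identity} -> {f.tool} ({f.auth_hint})")
    print("unmatched external senders:", unmatched)
```

Two points the code makes explicit: the usage/marketing split is what turns a firehose of vendor mail into a short list of identities actually signing up, and external senders missing from the catalogue are surfaced separately rather than silently dropped, since an unknown domain confirming a new account is exactly the signal a security team wants to triage.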

What Reco Can Tell You About Shadow AI Tools

After Reco produces the list of shadow AI tools and apps, Reco can answer questions like:

Which SaaS apps are currently in use across your organization? Of these apps, which are utilizing AI assistants and copilots?

Reco inventories all applications running in your environment that are associated with your business email. It creates a list of who is using what, how they’re authenticating, and produces activity logs in order to understand their behavior. That way, it can alert to suspicious activity, like excessive downloads, external file sharing, or permission changes. It also provides a Vendor Risk Score so security teams can prioritize riskier apps.

What app-to-app connections exist?

SaaS applications don’t operate as islands. You need to understand how they’re interacting with other applications to effectively manage risk. Reco shows you all the app-to-app integrations discovered within your environment. For example, you can see if an AI tool has been connected to a business-critical application like Gmail or Snowflake, and what permissions each AI application has.

What identities are using each AI tool? What permissions do they have and how are they authenticating?

One of the main challenges in SaaS security is the lack of centralization – identity management is spread out across multiple apps. Reco consolidates identities across all SaaS applications so you can manage them from a single console. You can dig into what permissions each identity has, how they’re authenticating, and whether or not they have Admin privileges. Who does not have MFA enabled? Who has excessive permissions? You can create roles and enforce policies that span multiple apps.

What actions has each identity taken across SaaS and AI applications and when did this happen?

Reco’s AI-based knowledge graph technology maps all discovered SaaS applications, both sanctioned and shadow, together with their associated human and machine identities, permission levels, and actions. The knowledge graph then looks for changes in these vectors over time. If the graph indicates a dramatic change, Reco alerts on an anomaly. For example, if there is a decrease in user engagement, Reco can predict that the employee is planning to leave the organization.

Find out which AI applications are accessing sensitive data and who is using them. Then, implement governance and access management policies via the Reco platform.

What Reco Cannot Do for Shadow AI Security

Since Reco operates in an agentless, read-only capacity, there are certain limitations to its shadow AI security capabilities. Here’s what Reco can’t do:

  • Prevent Data Input: Reco cannot stop users from entering sensitive data into unauthorized AI tools or applications.
  • Block Shadow AI Tools: Reco does not directly block or disable shadow AI tools or integrations since it does not interfere with app functionality.
  • Restrict User Behavior: Reco cannot enforce policies or prevent users from accessing unapproved tools—it can only detect and alert on activity.
  • Modify Permissions: Reco cannot change user permissions or revoke access to shadow AI tools, as it only has read-only access to the data and doesn’t have write access to SaaS applications.
  • Stop API Integrations: Reco cannot prevent third-party shadow AI tools from connecting via APIs, but it can identify and alert on these connections.

Ultimately, Reco is a visibility and detection tool. It can’t take action itself, but it can empower Security teams with the knowledge needed to take appropriate action at the right time to reduce risks.

How Reco Continuously Secures SaaS Applications and AI Tools

After Reco discovers all your shadow applications and AI tools, takes inventory, and ranks them, Reco provides continuous security for the full SaaS lifecycle. Reco delivers:

  • Posture management and compliance: Reco identifies misconfigurations that may put your data at risk, such as over-permissioned users, publicly exposed files, stale accounts, and weak authentication mechanisms. The ‘How to Fix’ feature gives instructions on how to clean up risks. It continuously monitors for configuration changes that could lead to data exposure via SaaS Security Posture Management (SSPM).
  • Identities and Access Governance: Reco unifies identities across your SaaS applications, enabling centralized management of permissions and roles. By analyzing user permission levels and behaviors within your SaaS ecosystem, Reco provides visibility into critical exposure gaps that could lead to a breach.
  • Threat Detection and Response: Reco delivers real-time alerts for unusual activities that may indicate malicious intent, such as impossible travel, unusual downloads, suspicious permission changes, or repeated failed login attempts. It integrates with your SIEM or SOAR so organizations can remediate SaaS risks efficiently within existing workflows.
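The threat-detection bullet names the rule types without showing how they are evaluated. As an added example (not Reco's code, and not a description of Reco's internals), the Python below runs two of the listed rules, impossible travel and repeated failed logins, over constructed SaaS audit-log events. Geolocation is replaced by an assumed hand-built IP-to-coordinate table using documentation address ranges; a real deployment would resolve source IPs through a geolocation database and tune the speed threshold and failure window to its own baseline.

```python
"""Impossible-travel and failed-login-burst rules over constructed SaaS audit events.

Added example, not Reco's code. GEO table, events, and thresholds are assumptions.
"""
from __future__ import annotations

import math
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed events: (ISO-8601 UTC timestamp, user, source IP, login outcome).
SAMPLE_EVENTS = [
    ("2024-05-01T09:00:00Z", "alice@example.com", "203.0.113.10", "success"),
    ("2024-05-01T09:40:00Z", "alice@example.com", "198.51.100.7", "success"),  # 40 min later, other continent
    ("2024-05-01T10:00:00Z", "bob@example.com", "203.0.113.20", "failure"),
    ("2024-05-01T10:01:00Z", "bob@example.com", "203.0.113.20", "failure"),
    ("2024-05-01T10:02:00Z", "bob@example.com", "203.0.113.20", "failure"),
    ("2024-05-01T10:03:00Z", "bob@example.com", "203.0.113.20", "failure"),
    ("2024-05-01T10:04:00Z", "bob@example.com", "203.0.113.20", "failure"),
    ("2024-05-01T10:05:00Z", "bob@example.com", "203.0.113.20", "failure"),
    ("2024-05-01T10:06:00Z", "bob@example.com", "203.0.113.20", "success"),
    ("2024-05-01T12:00:00Z", "carol@example.com", "203.0.113.30", "success"),
    ("2024-05-02T08:00:00Z", "carol@example.com", "198.51.100.7", "success"),  # 20 h later: plausible flight
]

# Assumed geolocation table (latitude, longitude); 203.0.113.0/24 and 198.51.100.0/24 are
# reserved documentation ranges, so these mappings are purely illustrative.
GEO = {
    "203.0.113.10": (40.7128, -74.0060),  # New York
    "203.0.113.20": (40.7128, -74.0060),
    "203.0.113.30": (40.7128, -74.0060),
    "198.51.100.7": (51.5074, -0.1278),   # London
}

MAX_SPEED_KMH = 900.0            # roughly airliner speed; faster than this is "impossible"
FAILED_THRESHOLD = 5             # failures ...
FAILED_WINDOW = timedelta(minutes=10)  # ... within this sliding window


def parse_ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def haversine_km(a, b) -> float:
    """Great-circle distance in km between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (a[0], a[1], b[0], b[1]))
    h = math.sin((lat2 - lat1) / 2) ** 2 + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))


def impossible_travel(events, geo=GEO, max_speed_kmh=MAX_SPEED_KMH):
    """Flag consecutive successful logins per user that would require travel above max_speed_kmh."""
    last: dict[str, tuple[datetime, str]] = {}
    alerts = []
    for ts_s, user, ip, outcome in sorted(events, key=lambda e: e[0]):
        if outcome != "success" or ip not in geo:
            continue  # only successful logins with a known location move the "last seen" marker
        ts = parse_ts(ts_s)
        if user in last:
            prev_ts, prev_ip = last[user]
            dist = haversine_km(geo[prev_ip], geo[ip])
            hours = (ts - prev_ts).total_seconds() / 3600
            if dist > 0 and (hours == 0 or dist / hours > max_speed_kmh):
                alerts.append((user, prev_ip, ip, round(dist), round(hours, 2)))
        last[user] = (ts, ip)
    return alerts


def failed_login_bursts(events, threshold=FAILED_THRESHOLD, window=FAILED_WINDOW):
    """Flag users whose densest run of failures inside `window` reaches `threshold`."""
    per_user = defaultdict(list)
    for ts_s, user, _ip, outcome in events:
        if outcome == "failure":
            per_user[user].append(parse_ts(ts_s))
    alerts = []
    for user, times in per_user.items():
        times.sort()
        best, best_start, start = 0, None, 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1  # slide the window forward
            if end - start + 1 > best:
                best, best_start = end - start + 1, times[start]
        if best >= threshold:
            alerts.append((user, best_start.isoformat(), best))
    return alerts


if __name__ == "__main__":
    print("impossible travel:", impossible_travel(SAMPLE_EVENTS))
    print("failed-login bursts:", failed_login_bursts(SAMPLE_EVENTS))
```

Carol's New York to London pair is deliberately included as a negative case: the same two locations that trigger an alert for Alice are fine twenty hours apart, which is why the rule compares implied speed rather than distance alone. Bob's six failures followed by a success is the classic pattern worth correlating with the impossible-travel output and with permission changes shortly afterwards.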

To learn more about Reco, you can watch the pre-recorded demo here. Or visit reco.ai to schedule a live demo.

This article is a contributed piece from one of our valued partners.