AI tools

Overview

The AI tools page is your central inventory of all AI applications detected in your organization's network traffic. From here you can review each tool's risk profile, change its status, and bring it under formal governance through the model inventory.

Tool list

The main table shows all detected tools with the following columns:

• Tool: Name and vendor icon of the detected AI application
• Status: Current status assigned to the tool (see below)
• Users: Number of unique users who have accessed this tool
• Events: Total network events recorded for this tool
• Risk score: Composite score from 0 to 100 (hover for formula details)
• Last seen: Date of the most recent network event for this tool

Click any column header to sort the table. Use the status filter dropdown to narrow the list to a specific status.

Tool statuses

Each tool can be assigned one of these statuses to reflect your organization's assessment:

• Blocked: Prohibited from use. Access attempts can trigger alerts if a "Blocked tool attempt" rule is configured.
• Dismissed: Reviewed but deemed irrelevant (e.g., false positive).

Tool detail view

Click any tool row to open the detail view, which shows:

• Vendor, total users, total events, risk score, first detected, and last seen dates
• A status selector to change the tool's status
• Department breakdown showing which teams are using the tool
• Top users ranked by event count

Starting governance

If a detected tool has not yet been added to the model inventory, a "Start governance" button appears in the detail view. Clicking it opens a wizard that creates a new model inventory entry pre-filled with the tool's provider, name, and version.

Risk score

The risk score is a composite metric from 0 to 100, recalculated nightly. It uses a weighted formula: