How Do You Detect Unauthorized AI Tool Usage?

PolicyGuard Team

Unauthorized AI tool usage is detected through three methods: browser-level monitoring, which captures visits with user context; OAuth monitoring, which detects AI apps connected to corporate accounts; and DNS monitoring, which captures network connections to AI service domains.

No single detection method catches everything. Browser monitoring provides user-level detail but misses non-browser usage. OAuth monitoring catches app integrations but misses direct web usage. DNS monitoring sees connections from every device and application on the corporate network but lacks user identity. Effective detection requires all three working together.

TL;DR: Three detection methods exist: browser monitoring, OAuth tracking, and DNS monitoring. Each catches what the others miss.

Shadow AI Detection: The process of identifying unauthorized AI tool usage through technical monitoring of browser activity, application integrations, and network traffic.

Organizations that cannot detect unauthorized AI usage cannot enforce AI policy, quantify data risk, or pass compliance audits. Detection is the foundation of AI governance. Here is how each method works, what it catches, what it misses, and why you need all three for complete coverage.

Three Methods Compared

Each detection method operates at a different layer of the technology stack, giving it unique strengths and blind spots.

Dimension | Browser Monitoring | OAuth Monitoring | DNS Monitoring
--- | --- | --- | ---
What it detects | AI tool visits, time on page, navigation patterns | AI apps connected to corporate identity | Network connections to AI service domains
What it misses | Mobile apps, non-browser AI tools, personal devices | Direct web usage without SSO, personal accounts | User identity, what data was entered, encrypted payloads
Coverage scope | Managed browsers on managed devices | Corporate identity provider scope | All devices on corporate network/VPN
Setup complexity | Low (browser extension deployment) | Low (identity provider API) | Medium (DNS resolver configuration)
Data richness | High (user, URL, timestamp, duration) | Medium (app name, permissions, user) | Low (domain, IP, timestamp)
Real-time alerting | Yes | Periodic (API polling) | Yes

Browser Extension Monitoring

Browser monitoring provides the richest data about AI tool usage. A managed browser extension observes navigation events and reports visits to known AI domains.

What it catches:

  • Visits to AI tool websites (ChatGPT, Claude, Gemini, Perplexity, etc.) with exact timestamps
  • User identity tied to every visit through browser profile or device enrollment
  • Time spent on AI tools, distinguishing between brief visits and extended sessions
  • Navigation patterns that indicate data input (visiting an AI tool immediately after viewing sensitive internal documents)
  • New AI tools as they emerge, if the extension maintains an updated domain list

What it misses:

  • AI tools used on personal devices or unmanaged browsers
  • Desktop AI applications (Cursor, local LLMs) that run outside the browser
  • Mobile AI app usage on personal phones
  • AI features embedded within approved applications (Notion AI, Canva AI) that share a domain with the non-AI product
  • Usage on incognito or guest browser profiles if the extension is not force-installed

Browser monitoring is the highest-value starting point because it provides user-level attribution. Knowing that a specific person visited a specific AI tool at a specific time is the foundation of enforcement.

OAuth Integration Monitoring

OAuth monitoring detects AI applications that employees have connected to their corporate Google Workspace or Microsoft 365 accounts.

What it catches:

  • AI tools that employees authorized to access corporate email, documents, or calendar data
  • The specific permissions each AI app was granted (read email, access Drive, manage calendar)
  • When the authorization occurred and who granted it
  • Third-party AI apps in the Google Workspace Marketplace or Microsoft AppSource that employees installed

What it misses:

  • AI tools used via direct web access without SSO integration
  • Personal account usage (employee logs into ChatGPT with a personal email, not corporate SSO)
  • AI tools that do not use OAuth (most AI tools used via web browser do not request OAuth permissions)
  • Usage volume or frequency (OAuth shows the connection exists, not how often it is used)

OAuth monitoring is low-effort and high-impact for a specific threat: AI applications that have been granted access to corporate data through identity provider integrations. A single unauthorized OAuth grant can give an AI tool persistent access to corporate email or documents.
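
The grant review described in this section, as an added example (not PolicyGuard's code): it ranks unapproved OAuth grants by the corporate data their scopes expose. The grant records, app names, client IDs and risk weights are constructed assumptions; the scope strings are real Google and Microsoft Graph scopes.

```python
# Scope strings below are real Google and Microsoft Graph scopes; the
# categories and weights are assumptions made for this example.
SCOPE_RISK = {
    "https://mail.google.com/": ("mail", 3),
    "https://www.googleapis.com/auth/gmail.readonly": ("mail", 3),
    "https://www.googleapis.com/auth/drive": ("documents", 3),
    "https://www.googleapis.com/auth/drive.readonly": ("documents", 2),
    "https://www.googleapis.com/auth/calendar": ("calendar", 2),
    "Mail.Read": ("mail", 3),
    "Files.Read.All": ("documents", 3),
    "Calendars.ReadWrite": ("calendar", 2),
    "openid": ("sign-in", 0), "email": ("sign-in", 0), "profile": ("sign-in", 0),
}
APPROVED_CLIENT_IDS = {"example-client-approved"}  # hypothetical allowlist

# Constructed grant records; a real identity provider export will differ.
GRANTS = [
    {"user": "alice", "app": "Example Mail Assistant", "client_id": "example-client-1",
     "scopes": ["openid", "email", "https://www.googleapis.com/auth/gmail.readonly",
                "https://www.googleapis.com/auth/drive.readonly"]},
    {"user": "bob", "app": "Example Meeting Notes AI", "client_id": "example-client-2",
     "scopes": ["Calendars.ReadWrite", "Vendor.Custom.Scope"]},
    {"user": "carol", "app": "Approved Assistant", "client_id": "example-client-approved",
     "scopes": ["Mail.Read"]},
    {"user": "dave", "app": "Example Chat Tool", "client_id": "example-client-3",
     "scopes": ["openid", "profile"]},
]

def audit_grants(grants, approved_ids=APPROVED_CLIENT_IDS):
    """Return unapproved grants, highest data-access risk first."""
    findings = []
    for g in grants:
        if g["client_id"] in approved_ids:
            continue
        data, unknown, score = set(), [], 0
        for scope in g["scopes"]:
            category, weight = SCOPE_RISK.get(scope, (None, 1))
            if category is None:
                unknown.append(scope)  # unrecognised scope: review, never assume safe
            elif weight:
                data.add(category)
            score = max(score, weight)
        findings.append({"user": g["user"], "app": g["app"], "score": score,
                         "data_access": sorted(data), "unknown_scopes": unknown})
    return sorted(findings, key=lambda f: (-f["score"], f["user"]))
```

A grant with sign-in scopes only still appears in the output with a score of 0, so the connection is recorded even though no mail, document or calendar access was given.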

DNS Monitoring

DNS monitoring captures all network-level connections to AI service domains, regardless of how the connection is made.

What it catches:

  • Every device on the corporate network or VPN connecting to AI services
  • API-level AI usage (scripts, automations, and backend services calling AI APIs)
  • AI tool usage from any application type: browser, desktop app, mobile app, command-line tool
  • Volume of requests to each AI domain, indicating intensity of usage

What it misses:

  • Which specific user made the request (DNS resolves at the device or network level, not user level)
  • What data was sent or received (DNS only shows the domain, not the payload)
  • AI usage on personal devices using cellular data or personal Wi-Fi
  • AI services accessed through VPN endpoints that bypass corporate DNS

DNS monitoring is the broadest detection method. It catches AI usage that browser monitoring and OAuth monitoring miss, including desktop applications, command-line tools, and automated scripts. The tradeoff is low data richness: you know something connected to an AI service, but not who or why.

Why You Need All Three

Each method covers the gaps left by the others. The coverage matrix shows why a single method is insufficient.

Usage Scenario | Browser Monitoring | OAuth Monitoring | DNS Monitoring
--- | --- | --- | ---
Employee uses ChatGPT in Chrome | Detected | Not detected | Detected
Employee connects AI app to Google Workspace | Not detected | Detected | Detected
Developer uses Cursor IDE with AI | Not detected | Not detected | Detected
Employee uses AI on personal phone over Wi-Fi | Not detected | Not detected | Detected
Employee uses AI on personal phone over cellular | Not detected | Not detected | Not detected
Employee uses Grammarly browser extension | Detected | Not detected | Detected
Automated script calls OpenAI API | Not detected | Not detected | Detected

Browser monitoring provides identity and context. OAuth monitoring catches persistent data access grants. DNS monitoring provides breadth. Together, they create a detection net that catches the vast majority of unauthorized AI usage within your environment. For understanding the risks that unauthorized usage creates, see our shadow AI risk analysis. For building the governance program that acts on detection findings, read our AI policy and governance guide.
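
How the browser and DNS layers complement each other, as an added example (not PolicyGuard's code): DNS hits are joined to browser extension events so that browser visits gain a user, and lookups with no matching visit stand out as non-browser usage. The events are constructed, and the example assumes both feeds carry a device hostname and that a five-minute window is acceptable.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)  # assumed correlation window

def ts(text):
    return datetime.fromisoformat(text)

# Constructed events. DNS rows: (time, device, domain); the device name is
# assumed to come from joining resolver logs with DHCP or asset inventory.
DNS_EVENTS = [
    (ts("2025-03-04T09:12:01"), "lt-0142", "chatgpt.com"),
    (ts("2025-03-04T09:40:00"), "lt-0142", "api.openai.com"),
    (ts("2025-03-04T10:02:30"), "build-07", "api.openai.com"),
    (ts("2025-03-04T11:00:00"), "lt-0200", "claude.ai"),
]
# Browser extension rows: (time, device, user, domain).
BROWSER_EVENTS = [
    (ts("2025-03-04T09:12:03"), "lt-0142", "alice", "chatgpt.com"),
    (ts("2025-03-04T10:30:00"), "lt-0200", "bob", "claude.ai"),  # outside window
]

def correlate(dns_events, browser_events, window=WINDOW):
    """Attach a user to each DNS hit when a browser visit explains it."""
    results = []
    for d_time, device, domain in dns_events:
        users = sorted({user for b_time, b_device, user, b_domain in browser_events
                        if b_device == device and b_domain == domain
                        and abs(b_time - d_time) <= window})
        results.append({
            "device": device, "domain": domain, "users": users,
            # No browser visit means the lookup came from something the
            # extension cannot see: desktop app, script, or another browser.
            "origin": "browser" if users else "outside managed browser",
        })
    return results

def unattributed(results):
    """DNS hits that still need an owner from asset or endpoint data."""
    return [(r["device"], r["domain"]) for r in results if not r["users"]]
```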

Frequently Asked Questions

Which detection method should we implement first?

Browser extension monitoring. It provides the highest data richness (user identity, tool, timestamp, duration) with the lowest setup complexity. You can deploy a browser extension to managed Chrome or Edge browsers in hours through your endpoint management platform.

Can employees bypass AI detection?

Individual methods can be bypassed. Employees can use personal devices to avoid browser monitoring, use personal email accounts to avoid OAuth detection, or use cellular data to avoid DNS monitoring. The three-method approach makes comprehensive evasion difficult, requiring an employee to avoid all corporate infrastructure simultaneously.

Does DNS monitoring require a proxy or firewall?

No. DNS monitoring operates at the DNS resolver level. By routing corporate DNS through a resolver that logs AI-related domains, you capture connection data without deploying a proxy or modifying firewall rules. Most organizations can implement this by updating their DNS resolver configuration or using a cloud DNS service with logging capabilities.

How do you handle false positives in AI detection?

Maintain a curated allowlist of approved AI tools and domains. Flag only connections to unapproved AI services. Review flagged events weekly to identify false positives (for example, a marketing site that shares infrastructure with an AI service) and update the allowlist. Automated classification reduces false positives over time.
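
The resolver-log approach from the DNS Monitoring section, combined with the allowlist handling from the answer above, as an added example (not PolicyGuard's code). The log format, the domain watchlist and the approved set are constructed assumptions; matching is done on label boundaries so that a lookalike such as notopenai.com is not counted.

```python
from collections import Counter

# Illustrative watchlist and allowlist (assumptions, not a vendor feed).
AI_DOMAINS = {"openai.com", "chatgpt.com", "claude.ai", "anthropic.com",
              "perplexity.ai", "gemini.google.com"}
APPROVED = {"gemini.google.com"}  # hypothetical: the one sanctioned tool

# Constructed resolver log: "<ISO time> <client IP> <query name> <type>"
SAMPLE_LOG = """\
2025-03-04T09:12:01Z 10.1.4.22 chatgpt.com. A
2025-03-04T09:12:05Z 10.1.4.22 api.openai.com. AAAA
2025-03-04T09:13:40Z 10.1.7.9 gemini.google.com. A
2025-03-04T09:14:02Z 10.1.7.9 notopenai.com. A
2025-03-04T09:15:10Z 10.1.9.3 API.OpenAI.com. A
2025-03-04T09:15:11Z 10.1.9.3 api.openai.com. A
malformed line
"""

def match_suffix(qname, domains):
    """Return the listed domain that qname equals or is a subdomain of."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in domains:
            return candidate
    return None

def unapproved_ai_queries(log_text):
    """Count queries per (client, AI domain), skipping approved tools."""
    hits = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not fit the constructed format
        _time, client, qname, _qtype = parts
        domain = match_suffix(qname, AI_DOMAINS)
        if domain is None or match_suffix(qname, APPROVED):
            continue
        hits[(client, domain)] += 1
    return hits
```

The output is keyed by client IP rather than by person, which is the identity gap the DNS section describes.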

Is employee consent required for AI usage monitoring?

On company-owned devices and networks, most jurisdictions allow monitoring with disclosure. Include AI monitoring in your acceptable use policy and employee handbook. In the EU, GDPR requires a legitimate interest assessment and employee notification. In some US states, specific consent requirements apply. Consult your legal team for jurisdiction-specific requirements before deploying monitoring tools.

Frequently Asked Questions

What is the most effective single method for detecting shadow AI usage?

DNS-level monitoring is widely considered the most effective single detection method because it captures all domain resolution requests from managed devices regardless of the application, browser, or protocol used. Every time an employee accesses an AI service, their device must resolve the service's domain name, and DNS monitoring logs this event. Unlike browser-based monitoring, DNS analysis catches desktop applications, command-line tools, IDE plugins, and API calls that connect to AI services. It operates at the network infrastructure level, making it difficult to bypass on corporate networks. The limitation is that DNS monitoring tells you which AI domains are being contacted but not what data is being transmitted, so it should be combined with other methods for a complete picture.

Does browser extension monitoring detect AI usage in native mobile apps?

No, browser extensions only monitor activity within the specific browser where they are installed. They cannot detect AI usage in native mobile applications, desktop applications, IDE plugins, command-line tools, or even other browsers on the same device. This is a significant blind spot because many popular AI tools offer native apps for iOS and Android that employees may prefer over web interfaces. If an employee uses the ChatGPT mobile app on a company phone, a browser extension on their laptop will not detect it. To cover native apps, organizations need complementary approaches such as mobile device management policies, network-level monitoring, or OAuth application auditing through the corporate identity provider.

Can employees bypass browser extension monitoring and how?

Yes, determined employees can bypass browser extension monitoring through several methods. They can use a personal device or phone that does not have the corporate browser extension installed. They can use a different browser if the extension is only enforced on one browser. They can use AI tools through API calls, command-line interfaces, or IDE integrations that operate outside the browser entirely. Some technically sophisticated users may use VPNs or proxy services to mask their traffic. Incognito or private browsing modes may disable extensions depending on configuration. This is precisely why security professionals recommend a layered detection strategy that combines browser monitoring with DNS analysis, network traffic inspection, OAuth auditing, and endpoint monitoring rather than relying on any single method.

What is OAuth monitoring and which AI apps does it detect?

OAuth monitoring examines the application authorizations granted through your corporate identity provider, such as Google Workspace, Microsoft Entra ID, or Okta. When employees sign into AI tools using their corporate email via single sign-on or grant AI applications permission to access corporate data, these authorization events are logged. OAuth monitoring detects AI tools like ChatGPT, Claude, Notion AI, Grammarly, Jasper, and dozens of others that offer sign-in-with-Google or sign-in-with-Microsoft options. It is particularly valuable because it reveals not just that an employee is using an AI tool but what level of access they have granted it to corporate data. The limitation is that it only catches AI tools where employees used their corporate identity to authenticate.

How do you detect AI tool usage by fully remote employees on home networks?

Detecting AI usage on home networks requires shifting from network-centric to endpoint-centric and identity-centric approaches. On company-managed laptops, endpoint detection and response agents can monitor process execution and network connections to AI services regardless of the network the device is connected to. Enterprise browsers or mandatory browser extensions provide web-level visibility on managed devices. Cloud access security brokers integrated with your identity provider detect AI tool authentications from any location. For organizations using VPN or zero-trust network access, traffic analysis can be performed at the tunnel endpoint. The most practical combination for remote workers is endpoint agents plus OAuth monitoring plus managed browser controls, which together provide coverage without requiring any visibility into the employee's home network infrastructure.
