AI Governance Overview
Every AI system in your environment, its risk profile, its access scope, and what it's allowed to do.
Registered Systems
0
High Risk
0
Unregistered (Shadow)
0
Injection Tests Blocked
0
Excessive Access Flags
0
Highest Risk Systems
No systems registered.
Recent Audit Events
No events yet.
AI System Inventory
Every AI system, agent, or LLM integration operating in the environment, catalogued and owned.
Register New AI System
All Registered Systems
No systems registered yet.
Shadow AI Discovery
Scan the environment for AI tools being used outside of governance review.
Discovery Scan
Simulates scanning network egress, browser extensions, and SaaS API logs for unsanctioned AI tool usage. In a real environment this would integrate with CASB, proxy logs, or endpoint telemetry.
Unregistered AI Tools Found
Run a scan to discover shadow AI usage.
Risk Scoring
Every system is scored using a model aligned to the NIST AI Risk Management Framework.
How Risk Score is Calculated
Risk Score = Data Sensitivity Weight + Autonomy Weight + Access Scope Weight + Injection Vulnerability Weight
Data Sensitivity: Public=5 ยท Internal=15 ยท Confidential=30 ยท Restricted=45
Autonomy Level: Human-in-Loop=5 ยท Human-on-Loop=15 ยท Fully Autonomous=30
Access Scope: +5 per excessive permission flagged
Injection Risk: +10 if sandbox testing shows successful prompt injection
Data Sensitivity: Public=5 ยท Internal=15 ยท Confidential=30 ยท Restricted=45
Autonomy Level: Human-in-Loop=5 ยท Human-on-Loop=15 ยท Fully Autonomous=30
Access Scope: +5 per excessive permission flagged
Injection Risk: +10 if sandbox testing shows successful prompt injection
0โ30 Low Risk
31โ60 Moderate Risk
61โ100 High Risk โ requires governance review before continued use
Risk Distribution
| System | Type | Sensitivity | Autonomy | Risk Score | Tier |
|---|---|---|---|---|---|
| No systems registered. | |||||
Access Governance
What data and systems can each AI agent actually reach? Flag excessive permissions before they become incidents.
Select a system above
No system selected.
Prompt Injection Sandbox
Test prompts against a simulated input filter to see whether an injection attempt would succeed.
Test a Prompt
Try sample attacks:
Filter Result
Run a test to see the evaluation result.
Test History
No tests run yet.
Audit Trail
Immutable record of every registration, scan, risk recalculation, and sandbox test.
All Events
No events.