New “Shadow AI” release discovers and monitors AI tools and AI agents across the enterprise, so teams can scale agentic deployments while reducing agent risk

SAN FRANCISCO, June 23, 2026 — Virtue AI today announced “Shadow AI,” a new extension of the AgentSuite-Blue platform that gives enterprises comprehensive visibility into AI and agentic systems operating across their environments.

AI agents are virtually everywhere: inside laptops, SaaS platforms, developer workflows, browser extensions, and enterprise applications. Most of them were never reviewed by security. Many were never approved at all.

Security teams know this is happening. What they lack is the ability to do anything about it. Most organizations cannot tell you where those agents exist, what permissions they hold, which tools they can control, how their behavior changes over time, or whether they are operating within policy.

The consequences of this visibility gap are real. An out-of-policy agent performs an unlogged action that cannot be explained to a regulator. An over-permissioned agent accesses data it was never intended to touch, then removes it before anyone notices. A vendor-embedded agent becomes an access path the organization never intended to create.

Virtue AI’s Shadow AI closes that gap by providing an endpoint-level discovery and monitoring layer built specifically for AI and AI agents. While traditional EDR and XDR platforms treat agents like generic applications, Shadow AI was built around the AI agent lifecycle from the start: how agents plan, act, call tools, and evolve over time.

“Across the enterprise, employees are using unapproved agents for things like coding, data analysis, and sales outreach,” explains Wenbo Guo, Head of Agent Security at Virtue AI. “We built Shadow AI to find them. It surfaces the agents running in your environment, traces their actions, and shows your team what each agent is doing, so you can confidently scale AI across your business.”

Core Capabilities of Shadow AI

Discover the AI hiding in your enterprise

Shadow AI was built from the ground up to find AI agents within your enterprise. If someone in your environment is using AI or deploying an agent, Shadow AI is built to catch it.

• Surface hidden AI across agents, apps, extensions, and pipelines
• Monitor outbound network connections, application behavior, and installed package telemetry to identify AI usage.
• Detect the range of AI activity enterprises actually face, including commercial tools like ChatGPT, Claude, and Copilot, self-hosted models, browser extensions, IDE plugins, and informal agentic pipelines that generic tools fail to classify as AI.

Analyze, track, and investigate how agents behave

Knowing an AI tool exists is not enough. Shadow AI captures data at the level agents actually operate (process activity, network behavior, and filesystem changes) across endpoints.

• Capture the full behavioral sequence of every agent: not just individual events, but the order, structure, and context of actions across process, network, and file activity.
• Map activity across your entire environment with the Shadow AI Dashboard: which agents are active, on how many devices, and exactly which policy triggered a flag.
• Distinguish normal behavior from something worth escalating.

Trace agent actions to their source

When an agent misbehaves, you need to know what it did, what it touched, and how far it got.

• Maintain a continuous operational record (host, user context, tool calls, sequence) so your team starts an investigation with evidence, not questions.
• Pull the complete agent action trajectory the moment something looks wrong.
• Cut investigation time and the guesswork that leads to missed incidents or false escalations.

Integrate with existing security operations

Shadow AI deploys as a lightweight endpoint collector and runs on Linux, macOS, and Windows alongside your existing EDR or independently.

• Integrate natively with leading EDR, XDR, and enterprise SaaS platforms, including CrowdStrike Falcon, Microsoft Defender, and ServiceNow Now Assist, with additional connectors added on an ongoing basis.
• Normalize data sources into a single pipeline for agent pattern detection.
• Work from one unified view across endpoint and SaaS signals, without rebuilding detection logic for each data source or managing separate dashboards per vendor.

For enterprises, the value is straightforward: reduced AI risk, actionable and auditable visibility into AI and agentic systems, rapid investigation capability when an agent behaves unexpectedly, and confidence in your AI deployments. 

About Virtue AI

Virtue AI sets the standard for advanced AI security platforms. Built on decades of foundational and award-winning research in AI security, its AI-native architecture unifies automated red-teaming, real-time multimodal and multilingual guardrails, and systematic governance for enterprise agents, models, and applications. With Virtue AI as a trusted third-party partner, enterprises gain unified visibility and assurance across the AI lifecycle while driving innovation without slowing performance.

For more information, visit https://www.virtueai.com/

SOURCE: http://www.intelligence360.io
Copyright (c) 2026 SI360 Inc. All rights reserved.