Frequently asked questions

What is shadow AI?

Shadow AI is the use of AI tools inside an organization without security, IT, or compliance approval or visibility - employees and their agents adopting chatbots, coding assistants, and other AI services on their own. It is the AI version of shadow IT, and it spreads faster because new tools launch every week.

How do I find shadow AI in my organization?

Cross-reference your DNS, firewall, SIEM, or proxy logs against a maintained list of AI-tool domains. The Shadow AI List provides those domains, risk-ranked, so you can see which AI tools are being reached and decide what to allow, log, or block. The free top-100 imports as a starter blocklist.
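As an added example (not code from the Shadow AI List), this is the cross-referencing step in Python: it parses a one-per-line domain list and matches the hostnames found in DNS and proxy log lines on label boundaries, so a subdomain of a listed domain counts as a hit but a look-alike name does not. All domains and log lines are constructed placeholders.

```python
"""Match DNS/proxy log lines against a one-per-line AI-tool domain list."""
import re
from collections import Counter

# Constructed sample list in the one-per-line format (placeholder domains).
BLOCKLIST_TEXT = """\
# comments and blank lines are ignored
chat.example-ai.test
api.example-ai.test
codehelper.test
"""

# Constructed sample log lines: dnsmasq-style DNS queries and a Squid-style
# proxy CONNECT, plus traffic that must not match.
LOG_LINES = [
    "Jan 10 12:00:01 dnsmasq[123]: query[A] chat.example-ai.test from 10.0.0.5",
    "1700000000.123 45 10.0.0.7 TCP_TUNNEL/200 0 CONNECT eu.api.example-ai.test:443 - HIER_DIRECT/203.0.113.10 -",
    "Jan 10 12:00:03 dnsmasq[123]: query[A] codehelper.test from 10.0.0.9",
    "Jan 10 12:00:04 dnsmasq[123]: query[A] notcodehelper.test from 10.0.0.9",
    "Jan 10 12:00:05 dnsmasq[123]: query[A] intranet.corp.test from 10.0.0.5",
]

# Hostname token: dotted labels ending in an alphabetic TLD; optional :port;
# IP addresses do not match because their last label is numeric.
HOST_RE = re.compile(r"(?<![\w.-])((?:[a-z0-9-]+\.)+[a-z]{2,})(?::\d+)?(?![\w-])", re.I)

def load_blocklist(text):
    """Parse the one-per-line format: drop comments/blanks, lowercase, strip trailing dot."""
    domains = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip().lower().rstrip(".")
        if line:
            domains.add(line)
    return domains

def match_host(host, blocklist):
    """Return the listed domain that host equals or is a subdomain of, else None.
    Walks label boundaries, so notcodehelper.test does not match codehelper.test."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None

def scan_logs(lines, blocklist):
    """Count hits per listed domain; at most one hit per log line."""
    hits = Counter()
    for line in lines:
        for m in HOST_RE.finditer(line):
            listed = match_host(m.group(1), blocklist)
            if listed:
                hits[listed] += 1
                break
    return hits
```

Feed it your own exported log lines and the list file; the same matching logic applies to a hosts-file or EDL export once comment lines are stripped.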

What is the Shadow AI List?

A maintained, risk-ranked directory of 670+ AI tools, built for security, GRC, and IT teams. Each tool is scored by data-exposure risk and ships with its detection domains and SOC import formats (Sigma, STIX, MISP, a hosts file, and a Palo Alto EDL).

What is the AI Exposure Index (AEX)?

The AEX is a within-category score that ranks each tool by how likely it is to reach sensitive enterprise data. It weighs prevalence, real-world usage, and data risk (where data goes, whether the tool trains on inputs, and whether enterprise controls exist). The methodology is summarized at /verification.

Is the Shadow AI List free?

The top-100 highest-risk tools are free (names and domains), along with a public API. The full 670+ directory with risk scores, all detection domains, and SOC formats is a $199 one-time pack; a $499/year plan re-verifies and re-ships it weekly.

Can I get a refund or cancel?

The pack is a digital product delivered instantly, so all purchases are final and non-refundable, including annual plans. You can cancel an annual plan anytime - it stops the next renewal and you keep access and weekly updates through the end of the period you already paid for (no prorated refund). Email info@airiskmanagement.ca to cancel or with any billing question.

How often is the list updated?

The registry is re-verified and re-shipped each release: dead domains pruned and new tools added. Annual-plan downloads always serve the current set.

What is in the paid pack?

A by-category directory and full CSV/JSON of every tool, a one-per-line domain blocklist, a keyword dictionary for SIEM/DLP, a verification report, and drop-in detection formats (Sigma, STIX 2.1, MISP, and a hosts/pi-hole list).

Does the Shadow AI List monitor my environment?

No. It is a reference dataset you import into your own controls. It does not connect to, or observe, your network, accounts, or usage - you run the matching against your own logs.

More on the method at /verification, or get the free top-100.