Cross-reference DNS, proxy, and traffic logs against 16,024+ classified AI domains. Surface every shadow AI tool in hours.
AI tools require no installation, skip OAuth, and run on domains unknown to legacy threat feeds. Your security stack was not built for this.
Flags Dropbox OAuth but misses employees pasting drafts into AI writing assistants on brand-new domains.
Alerts on unauthorized executables but ignores browser tabs sending source code to AI debugging services over HTTPS.
Inspects outbound email attachments but cannot inspect text pasted into web forms on unknown domains.
Operate at the network layer where all web traffic is visible.
Every connection starts with a DNS lookup. Correlate resolver logs against the AI tools feed to reveal every tool accessed.
Lowest friction Broadest coverage
HTTP-level detail: full URLs, methods, content types, and bytes transferred. Large POST payloads flag data submission.
Higher fidelity Content visibility
Connection-level metadata: source, destination, duration, bytes. Detects long-lived interactive AI sessions.
No proxy needed Protocol-agnostic
DNS is the most valuable data source for shadow AI detection. Every browser navigation triggers a query your resolver already logs.
Export query logs from Infoblox, BlueCat, Microsoft DNS, or Cisco Umbrella.
Load the AI Tools Blocklist as a lookup table. Every domain match confirms AI tool access.
Rank AI tools by frequency, identify heaviest users, and break down usage across 18 categories.
This Python script processes BIND-style query logs. Modify the parsing function to adapt to any DNS format.
extract_root_domain matches both FQDNs and root domains
tldextract for public suffix handling in production
Batch processing works for audits. For continuous monitoring, stream DNS queries and alert in near-real-time.
Groups queries by domain and client IP within configurable time intervals.
Fires structured JSON alerts when a domain crosses the configured query count.
Resets counters on a configurable interval to prevent alert fatigue.
1-hour window with threshold of 5 queries filters DNS prefetch noise from real usage.
Which AI tools are accessed. Could be a brief visit, curiosity click, or accidental navigation.
HTTP methods, content types, and bytes transferred in each direction reveal actual data submission.
POST requests carrying 5KB-500KB payloads to an AI domain are a near-certain indicator of content submission.
This script processes Squid-format logs. Adapts to Blue Coat, Zscaler, Netskope, or any SWG.
| Indicator | Points | Interpretation |
|---|---|---|
| Any POST request | +30 | Content submission — text, files, or form data |
| Bytes sent > 10 KB | +20 | Substantial payload beyond simple prompts |
| Bytes sent > 100 KB | +15 | Document-sized uploads or code pastes |
| POST count > 5 | +15 | Sustained usage, not one-time curiosity |
| Multiple users (> 3) | +10 | Viral adoption across the organization |
| Bytes sent > received | +10 | Inverted ratio = uploading content, not browsing |
Active data submission to AI tools. Immediate investigation recommended.
Incidental browsing, marketing pages, or API health checks. Low priority.
AI tools exhibit distinctive network signatures. Behavioral heuristics catch usage even before domains appear in any blocklist.
Single large upload -- the user's pasted text, code, or files.
Model inference delay. Standard web apps respond in under 500ms.
Persistent HTTP connection delivering tokens incrementally. Unlike standard page loads.
Domain in the blocklist means it is definitively an AI tool. Generate immediate alerts.
Queue for analyst review. Covers the 24-72 hour gap before blocklist inclusion.
The remaining ~5% is AI accessed via personal devices on cellular connections. Address through endpoint controls and user education.
Detection outputs integrate into your existing SIEM. The scripts output structured JSON for ingestion via any method.
Percentage of AI tool usage your program identifies. Compare detected domains against the full blocklist.
Under 2% false positive rate thanks to manual verification in the curation pipeline.
No alerts generated.
Informational alerts feed dashboards. No incident response.
High-severity alerts with automated manager and SOC notification.
No new infrastructure, vendors, or procurement cycles required. The AI Tools Blocklist is the missing intelligence layer.
Most enterprises discover 50-200 shadow AI tools in their first scan. Request a trial to unlock the full 16,024+ domain feed.
Tell us about your environment and detection goals — we will provide a tailored trial of the full AI tools domain feed.