JFrog brings Shadow AI Detection to platform

JFrog brings Shadow AI Detection to platform

Briefly

"JFrog introduces Shadow AI Detection to help companies identify and manage uncontrolled AI use in software development. The feature is designed to help organizations balance innovation with security and compliance. The rapid adoption of AI in development teams creates a governance challenge. Developers and data scientists regularly integrate AI models and services from providers such as OpenAI, Anthropic, and Google without central approval. This phenomenon, known as Shadow AI, introduces blind spots in the security infrastructure."

"JFrog's Shadow AI Detection is designed to detect these invisible AI assets automatically. The tool inventories internal models and external API gateways that provide access to data from approved or ad hoc sources. Yuval Fernbach, VP and CTO ML at JFrog, explains: "Recognizing and mitigating the risks of shadow AI is becoming a critical priority for CIOs and CISOs who must strike a balance between innovating while maintaining security.""

"Once detected, organizations can centrally manage AI assets. Teams can enforce security and compliance policies for all AI resources. They can define paths for authorized users to access third-party AI services. In addition, the system monitors the use of external AI models and APIs, such as those from OpenAI or Gemini. This is becoming relevant due to emerging regulations. Fernbach emphasizes that organizations must follow proven software development practices with developer-friendly workflows, strong security, and robust governance."