JFrog Intros New Tool to Track Unauthorized AI Usage

DevOps platform provider JFrog has taken aim at a growing challenge for enterprises: users deploying AI tools without IT approval. The company recently introduced Shadow AI Detection, a new feature designed to identify and manage unauthorized artificial intelligence implementations that often fly under the radar.

The capability targets a problem that has accelerated alongside the AI boom: developers and teams incorporating AI models and external services into their workflows without going through proper security reviews or governance channels. These unsanctioned implementations, known as shadow AI, can expose organizations to compliance violations, data leakage, and supply chain vulnerabilities. JFrog's tool automatically discovers both homegrown AI models and third-party API integrations, giving security and compliance teams visibility into AI usage they may not know exists.

"Recognizing and mitigating the risks of shadow AI is becoming a critical priority," said Yuval Fernbach, vice president and CTO of JFrog ML, in a statement. "This capability aims to strengthen oversight without limiting innovation."

As AI models from vendors such as OpenAI, Anthropic, and Google are increasingly integrated directly into workflows, organizations face mounting challenges tracking these tools across departments. JFrog's detection feature automatically inventories both internally developed models and third-party APIs in use, enabling centralized governance.

Once detected, the platform allows teams to implement access controls, enforce compliance policies, and audit usage across environments. The tool also supports monitoring of popular AI services, including OpenAI and Google Gemini.

The launch comes amid tightening AI regulations across the U.S. and Europe. JFrog says its detection feature is aligned with emerging frameworks, including the U.S. Transparency in Frontier AI Act, the EU AI Act, the Cyber Resilience Act, and Germany's BSI Guidelines. These regulations increasingly require documentation of AI usage, supply chain transparency, and proactive security controls.

JFrog positions its software supply chain platform, including the new Shadow AI Detection tool, as a response to both governance risks and global compliance demands. The capability will be available through the company's AI Catalog, with general availability expected in 2025. For more information, go to the JFrog site.

About the Author

John K. Waters is the editor in chief of a number of Converge360.com sites, with a focus on high-end development, AI and future tech. He's been writing about cutting-edge technologies and culture of Silicon Valley for more than two decades, and he's written more than a dozen books. He also co-scripted the documentary film Silicon Valley: A 100 Year Renaissance, which aired on PBS.  He can be reached at [email protected].

Featured

  • digital lock with circuit patterns

    IBM Adds New AI-Powered Cybersecurity Tools

    IBM has unveiled an expanded portfolio of AI-powered cybersecurity products, positioning the company to compete more aggressively in a rapidly evolving market where enterprises are increasingly turning to artificial intelligence to defend against automated cyber threats.

  • Human Hand Assembling Digital Data Blocks

    Report: AI Impact Starts Relies on Strong Data Foundation

    High-impact AI implementations are more likely to treat data architecture, governance, and operationalization as strategic requirements, according to the 2026 Blueprint report from TDWI.

  • person typing on a touch screen schedule plan calendar

    Deadline Extended for ADA Title II Compliance

    Schools working to meet the Americans with Disabilities Act Title II regulations for digital accessibility have received a temporary reprieve: The United States Department of Justice has published an interim final rule to push back the compliance deadline by one year.

  • AI logo near computer equipment

    White House Issues National Policy Framework for AI

    The White House has released a four-page AI policy framework aimed at setting a national approach to AI, with priorities including child safety, intellectual property protections, truth and accuracy guardrails, and worker training for an AI-driven economy.