Your employees use ChatGPT, Claude, Copilot, and 200+ AI tools every day — feeding in PII, trade secrets, and client data. The records of what they submitted persist on the endpoint after the session is deleted, in files your DLP and governance dashboards never examine. We find what those tools missed and build the documentation before a regulator or plaintiff's attorney asks for it.
Regulated industries only · NDA signed at engagement start · 2–4 week turnaround · Board-ready deliverables
"Most companies discover their AI exposure in a deposition, not an audit."
Before AI governance policies existed, your employees were already using AI tools. That data is gone—or is it?
Documented in our technical reference and verifiable on any Windows endpoint running Chrome. Each artifact below is recoverable with standard tooling — no specialist hardware required.
Chromium browsers store AI tool conversation data in IndexedDB, which is backed by a LevelDB write-ahead log. Deleting a conversation appends a tombstone marker — the original content remains at its prior offset until compaction. It is recoverable as plain text with standard tooling.
Chrome and Edge record every AI tool domain visited, with timestamps and visit counts, in a SQLite database. Clearing browser history does not guarantee the underlying records are overwritten.
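As an added illustration of the history artifact (example code, not the consultancy's own scan script): the snippet below builds a constructed SQLite database with the `urls` schema subset Chromium's History file uses, then summarises visits to an assumed watch-list of AI hostnames, converting `last_visit_time` from WebKit format (microseconds since 1601-01-01 UTC) to readable UTC timestamps. The hostnames and rows are constructed; on a live endpoint you would open a copy of the History file instead of `:memory:`.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

# Chromium History is SQLite; the `urls` table stores one row per URL with
# `last_visit_time` in WebKit format: microseconds since 1601-01-01 00:00 UTC.
WEBKIT_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

# Assumed watch-list of AI tool hostnames (constructed; extend from your inventory).
AI_HOSTS = ("chatgpt.com", "chat.openai.com", "claude.ai", "copilot.microsoft.com")

def webkit_to_utc(us):
    return WEBKIT_EPOCH + timedelta(microseconds=us)

def utc_to_webkit(dt):
    return (dt - WEBKIT_EPOCH) // timedelta(microseconds=1)

def ai_tool_visits(conn, hosts=AI_HOSTS):
    """Return sorted (host, total_visits, last_visit_iso) for each watch-listed host."""
    # One bound LIKE parameter per host; "://host/" anchors the match to the hostname.
    where = " OR ".join("url LIKE ?" for _ in hosts)
    rows = conn.execute(f"SELECT url, visit_count, last_visit_time FROM urls WHERE {where}",
                        [f"%://{h}/%" for h in hosts]).fetchall()
    summary = {}
    for url, count, last in rows:
        host = next(h for h in hosts if f"://{h}/" in url)
        visits, latest = summary.get(host, (0, 0))
        summary[host] = (visits + count, max(latest, last))
    return sorted((h, v, webkit_to_utc(t).isoformat()) for h, (v, t) in summary.items())

def constructed_history():
    """In-memory stand-in for a copied History file (schema subset, constructed rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE urls (id INTEGER PRIMARY KEY, url TEXT, title TEXT, "
                 "visit_count INTEGER, typed_count INTEGER, last_visit_time INTEGER, hidden INTEGER)")
    t = utc_to_webkit(datetime(2025, 3, 4, 9, 30, tzinfo=timezone.utc))
    conn.executemany("INSERT INTO urls (url, title, visit_count, typed_count, last_visit_time, hidden) "
                     "VALUES (?, ?, ?, ?, ?, ?)", [
        ("https://chatgpt.com/c/abc123", "ChatGPT", 12, 3, t, 0),
        ("https://chatgpt.com/", "ChatGPT", 5, 5, t - 86_400_000_000, 0),    # one day earlier
        ("https://claude.ai/chat/xyz", "Claude", 2, 0, t + 3_600_000_000, 0),  # one hour later
        ("https://intranet.example/", "Intranet", 40, 10, t, 0),              # not an AI tool
    ])
    return conn
```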
Chrome serialises open tab state to disk at browser close for crash recovery. Where an AI tool session was open, the captured state can include conversation content — independent of the history database and the IndexedDB log.
Full technical detail, file paths, and a reproducible verification test: Read the technical reference →
Four services available now. No forensic infrastructure required. Deliverable in 2–5 days.
Six practitioner-built compliance frameworks for healthcare, fintech, and legal organizations. Foundation Packs and Implementation Kits available for each industry. No engagement required.
Is that new AI tool your sales team wants HIPAA or SOX compliant? We score it against 8 criteria and return a Go / Conditional Go / No-Go verdict in 48 hours. No endpoint access required.
A Generative AI Acceptable Use Policy written specifically for your industry, regulatory framework, and named roles. Same outcome as the full audit's policy deliverable — without the forensic engagement.
Your IT admin runs a 5-minute read-only script. We scan it for ChatGPT, Claude, Copilot, and 200+ AI indicators plus sensitive keywords. You get a 2-page risk dashboard — no raw data recovery, no air-gap required.
Full forensic engagements for regulated organizations. If you're not ready for a full audit, see the Quick Start resources above.
Typically engaged when: a regulator opens an inquiry, M&A requires AI risk disclosure, an insurance carrier requests usage evidence, or the board requires a documented baseline.
For organizations that completed a Tier 1 audit and need ongoing visibility as employees adopt new AI tools.
Available to existing audit clients and partner law firms facing an active regulatory inquiry, breach disclosure, or legal discovery request involving AI tool usage.
Access is through referral from an existing client or partner law firm only. Direct litigation and expert witness services are delivered through our certified forensic partner network.
Typically engaged after a Tier 1 audit, following a board mandate or audit committee requirement, or for organizations building a full AI governance program from scratch.
We maintain technical chain of custody and forensic integrity from first collection through final report delivery.
We focus exclusively on sectors where AI data exposure creates existential legal and regulatory risk.
We defined the category. We run the playbook. No firm currently specializes in uncovering what already happened before your AI policies existed — and the window to act before regulators and plaintiffs do is narrowing fast.
Insurers are adding AI governance questions to underwriting questionnaires. Without documented AI controls, expect policy exclusions or denied claims.
Wrongful termination, malpractice, and data breach suits increasingly demand AI tool usage records. Most organizations cannot produce them.
OCR and the SEC are actively investigating AI tool usage at regulated entities. The question is not if — it's what your documentation shows when they arrive.
Methodology informed by emerging 2025 digital forensics research and DFRWS community frameworks
NIST AI Risk Management Framework — risk identification, governance, and response protocols
EU AI Act: Article 11 / Annex IV technical documentation requirements for high-risk AI system operators
GDPR: Article 17 right to erasure implementation guidance and cross-border data flow obligations
What the audit process is designed to recover from a standard Windows endpoint running Chromium-based browsers, mapped to common enterprise deployment scenarios.
A mid-size regulated organization. Existing DLP solution in place. An acceptable use policy either drafted or in progress. IT has blocked a handful of known AI domains on the corporate network. Leadership considers the AI governance situation handled. From the outside — and from their own audit logs — everything looks fine.
Browser artifact analysis is designed to recover content from AI sessions — including from tools the organisation never approved. The IndexedDB write-ahead log retains the original conversation text after interface deletion, because the deletion appends a marker rather than removing data. This is what DLP does not flag and what survives browser history clearing, because the artifact file is entirely separate from browser history.
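The tombstone behaviour described here and in the artifact summary above, as an added example (not the consultancy's tooling): a minimal parser for LevelDB's log record and WriteBatch encoding, run over a constructed log in which a conversation value is written and its key is then deleted. Keys are simplified placeholders rather than real IndexedDB key encoding, the CRC32C field is written as zero and not verified, and only FULL (unfragmented) records are handled.

```python
import struct

# LevelDB write-ahead log (*.log): FULL records of [crc32c:4][length:2][type:1][WriteBatch];
# a WriteBatch is [sequence:8][count:4] then `count` entries, each either
#   0x01 <varint klen> key <varint vlen> value (kTypeValue: put) or 0x00 <varint klen> key (kTypeDeletion: tombstone)
K_DELETE, K_PUT, FULL = 0, 1, 1

def _read_varint(buf, pos):
    result, shift = 0, 0
    while buf[pos] & 0x80:
        result |= (buf[pos] & 0x7F) << shift
        shift, pos = shift + 7, pos + 1
    return result | (buf[pos] << shift), pos + 1

def write_batch(seq, entries):
    """Build one FULL record (CRC left zero, keys/values < 128 bytes: demo only)."""
    body = bytearray(struct.pack("<QI", seq, len(entries)))
    for kind, key, value in entries:
        body += bytes([kind, len(key)]) + key
        if kind == K_PUT:
            body += bytes([len(value)]) + value
    return struct.pack("<IHB", 0, len(body), FULL) + bytes(body)

def parse_log(data):
    """Return (sequence, kind, key, value) for every entry in every FULL record."""
    pos, out = 0, []
    while pos + 7 <= len(data):
        _crc, length, rtype = struct.unpack_from("<IHB", data, pos)
        payload, pos = data[pos + 7:pos + 7 + length], pos + 7 + length
        if rtype != FULL:
            continue  # fragmented FIRST/MIDDLE/LAST records are not handled here
        seq, count = struct.unpack_from("<QI", payload, 0)
        p = 12
        for i in range(count):
            kind, (klen, p) = payload[p], _read_varint(payload, p + 1)
            key, p = payload[p:p + klen], p + klen
            vlen, p = _read_varint(payload, p) if kind == K_PUT else (0, p)
            out.append((seq + i, kind, key, payload[p:p + vlen]))
            p += vlen
    return out

def recover_deleted(data):
    """Values whose key was later tombstoned but whose bytes still sit in the log."""
    entries = parse_log(data)
    deleted = {k for _, kind, k, _ in entries if kind == K_DELETE}
    return {k: v for _, kind, k, v in entries if kind == K_PUT and k in deleted}

# Constructed sample with simplified keys (not real IndexedDB key encoding):
# a conversation is stored, then the interface "delete" appends a tombstone.
SAMPLE_LOG = write_batch(100, [(K_PUT, b"conv/42", b"lab results for patient X")]) + write_batch(101, [(K_DELETE, b"conv/42", b"")])
```

Until compaction rewrites the log into a table file, the put at sequence 100 is still byte-for-byte present after the tombstone at sequence 101, which is exactly what `recover_deleted` surfaces.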
Authentication tokens for AI platforms outside the organisation's approved vendor list may be present in browser credential storage on endpoints where those tools were accessed. These tokens grant ongoing access to platforms where prior sessions — and in some cases, uploaded documents — may still be accessible. Where the employee no longer works at the organisation, the token may still be valid.
AI platform conversation exports saved to user download folders sit outside any monitored directory and outside DLP coverage. Where regulated data was processed in the session, the export contains the full text. These files are named generically and are not distinguished from other downloads by endpoint monitoring tools.
AI writing assistant browser extensions with granted permissions to read and modify content across all sites — including webmail, document editors, and internal portals. These extensions operate outside endpoint DLP, outside network monitoring, and outside the organization's AI tool inventory entirely. Permission was granted at installation. Nobody reviewed it.
Under HIPAA, every cached prompt fragment containing patient information is a potential impermissible disclosure — regardless of whether the employee intended to expose it. Under SOX, AI-assisted financial analysis not archived in enterprise systems creates a documentation gap regulators are increasingly equipped to exploit. Under attorney-client privilege rules, client matter details processed through a consumer AI account may constitute a waiver.
The finding that surprises most compliance teams: the employees were not being malicious. They were being efficient. The tools were useful and fast and nobody told them the session didn't end when they closed the tab.
Scenarios above illustrate what the methodology is designed to surface. Actual recoverable artifacts depend on endpoint configuration, AI tools in use, browser version, and time elapsed since last session. No two endpoints are identical.
Shadow AI Forensics was built from an observation, not a business plan. Since generative AI tools reached mass adoption in late 2022, the governance conversation has been dominated by two things: policy documents and access controls. Lock down the tools, write a policy, check the compliance box.
"Forensic ground truth: anchor the evidence where you control it, not where the vendor does."
— Harish
Over two years working with generative AI tools, one gap kept surfacing that the governance conversation was ignoring: what these tools leave behind on the endpoint. Cached prompts in browser IndexedDB. Conversation artifacts in local storage. Authentication tokens retained long after a user believes they have logged out. Data a forensic examiner can recover from a workstation weeks or months later.
The research that followed focused on how these tools actually behave on the endpoint — which artifacts persist, where they are stored, how long they survive, and what a regulatory investigator or opposing counsel could reconstruct from a standard corporate workstation. That work became the Shadow AI Forensics methodology: built specifically around how AI tools behave in practice, not adapted from an existing IT security framework.
The gap was never in the AI tools themselves. It was between what organizations believed their controls covered and what was actually sitting on their endpoints. That gap is what we audit.
Shadow AI Forensics is led by Adil, an AI governance and digital forensics specialist focused exclusively on shadow AI exposure in regulated industries.
Litigation support and expert witness services are provided through our partner network of certified forensic examiners where legally required.
Every artifact collected under documented, defensible chain-of-custody protocols aligned with SWGDE and NIST standards.
Every finding is cross-referenced against HIPAA, SOX, GDPR, EU AI Act, and NIST AI RMF for your industry.
Every high-risk finding is manually validated before inclusion in the final report. We don't inflate findings to justify our fee.
Reports can be structured for delivery under attorney-client privilege where legally appropriate — protecting findings from opposing discovery.
Shadow AI Forensics is a specialized consultancy, not a software product. We limit active engagements to ensure every client receives rigorous, hands-on forensic analysis — not an automated scan with a report attached.
Entry point services (Policy Template, Vendor Assessment, Browser Scan) are available to organizations of all sizes.
Answers to what compliance leads, CISOs, and legal teams ask before booking a briefing.
It depends on the engagement tier. The Browser Log Light Scan uses a read-only PowerShell script your IT team can review line-by-line before running — no installation, no persistent agent. Full forensic audit engagements use industry-standard forensic imaging tools, deployed with your IT team present. We never operate unilaterally on your infrastructure.
Only the examiner assigned to your engagement. All data is processed under a signed NDA and our standard confidentiality agreement, executed before any engagement begins. Findings are delivered in an encrypted report. We do not retain client data beyond the engagement period — documented in our evidence destruction certificate, issued at close.
Browser Log Light Scan: 2–3 business days from export receipt to report. AI Vendor Risk Assessment: 48 hours from intake completion. Full AI Exposure Audit: 7–14 business days depending on scope and number of endpoints. Timeline is confirmed at engagement kickoff — we don't start the clock until scope is agreed.
That outcome exists and we'll tell you clearly when it does. A clean finding is a defensible finding — documented evidence that your organization examined its AI exposure and found it within acceptable parameters. That documentation has real value in a regulatory inquiry or litigation context. We don't inflate findings to justify our fee.
DLP and SIEM monitor traffic and flag policy violations in real time. They don't examine what's already on the endpoint — cached browser artifacts, local storage, downloaded conversation exports, browser extension permissions. We examine what your existing tools never saw. In most engagements, the meaningful findings come from artifacts that predate our involvement by weeks or months.
Yes. Where legally appropriate, engagements can be scoped and delivered under attorney-client privilege — typically by routing the engagement through outside counsel. We work with your legal team to structure this at kickoff. Not every organization requires this, but regulated industries facing active regulatory scrutiny or pending litigation often do.
Always. Our standard NDA is executed before we receive any organizational information. For enterprise engagements, we'll work with your legal team's preferred form. If you'd like to review our standard NDA before booking a briefing, email adil@shadowaiforensics.com.
The frameworks are ready to deploy for most organizations — drafted with regulatory specificity for your industry and mapped to current HIPAA, SOX, FINRA, and ABA requirements. Organizations with complex multi-jurisdiction exposure or active regulatory matters should have outside counsel review before finalization. For most, the Foundation Pack is sufficient without that step.
Every day of undocumented AI usage is potential liability. Whether you need a forensic audit or a quick policy resource — there's an entry point for your situation.