Threat Landscape

What goes wrong with AI at work

Six risks security teams hit first — and how Spur AIDR detects, enforces, and closes the loop.

Risk → Spur AIDR → Your team

The risk
Something bad happens

Shadow AI, data leakage, or no audit trail.

Spur AIDR
Classify & enforce

On-device policy, metadata to the portal — not prompts by default.

Your team
Respond & report

Alerts, posture, Forensics, and compliance exports.

What we help you stop

Personal data in consumer AI

Staff paste customer or employee data into tools without approval.

Spur AIDR Enforce policy before content is sent; log outcomes for GDPR and privacy reviews.

Shadow AI tools

New AI apps appear faster than your allowlist and procurement process.

Spur AIDR Discover unknown tools, flag usage, and align enforcement to approved tiers.

Desktop apps bypass the browser

Native AI clients skip controls that only cover the web.

Spur AIDR macOS agent plus browser extension — web and native clients, when deployed.

Audit & SOC 2 gaps

Auditors ask who used AI, what was blocked, and which policies applied.

Spur AIDR User attribution, audit export, and executive reports from live usage.

No exportable evidence

Leadership and auditors need a defensible story — not a spreadsheet of raw logs.

Spur AIDR Executive reports, audit CSV export, and Forensics graph exports from live usage.

“Log only” policies

Sensitive data still reaches AI because nothing blocks at runtime.

Spur AIDR Block, redact, warn, or log — per your rules, at the moment of use.

Privacy: Spur AIDR does not store prompt content by default. The portal works from metadata and policy outcomes.

Behaviours align with common MITRE ATT&CK patterns (e.g. cloud exfiltration, valid accounts). Shadow AI is often policy and usage risk, not only attacker activity.

See where Spur AIDR sits in your stack →