Private beta · Onboarding 5 design partners

See every AI tool your employees use.

Shadow AI is in your browser, not your firewall. FathomSec finds it in 30 minutes — without rolling out endpoint agents, without enterprise pricing, without spying on prompts.

We'll scan your Okta or Google Workspace logs and ship you a one-page report. No commitment. ~ 48 hours.

1 in 5 organizations breached via shadow AI in 2025 (IBM Cost of a Data Breach 2025)
$670K average cost premium per shadow AI breach (IBM 2025)
247 days average detection window — 6 days slower than baseline (Ponemon / IBM 2025)
80%+ of employees use unapproved AI tools at work (UpGuard / Cybersecurity Dive)
The problem

Your CASB doesn't see it. Your EDR doesn't see it. Your proxy doesn't see it.

Shadow AI doesn't behave like shadow SaaS. Employees paste source code into ChatGPT from personal accounts, on personal devices, through perfectly normal browser sessions. Cursor and Copilot send prompts that look like ordinary HTTPS. AI Chrome extensions silently update their permissions and exfiltrate prompts to data brokers.

The tools built to catch this — Nightfall, Harmonic, Lasso, Netskope — start at $30,000+ per year and assume an enterprise security team to operate them.

FathomSec is for the company in between. 50 to 500 people. One or two security folks. Customers asking about AI governance. SOC 2 in flight or already done. You need answers in days, not in a six-month enterprise rollout.

How it works

Three signals. One inventory.

01 · Browser extension

Deploy via Chrome Enterprise, Google Admin, or Okta managed install. Detects AI tool usage at the DOM level on 30+ known AI domains. Flags Chrome extensions that quietly log prompts.

Manifest V3 · metadata-only by default
02 · OAuth log ingest

Connect Okta or Google Workspace read-only. We surface every AI tool an employee granted access to, what scopes they gave it, and which tools train on your data by default.

SAML SSO · 15-minute setup
03 · Risk scoring

Every detected tool gets a risk score from our curated AI-vendor database: training policy, data residency, breach history, OAuth scope sensitivity. Updated weekly.

500+ AI tools tracked · open catalog
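As an added illustration of the OAuth log ingest and risk scoring steps above (example code written for this page, not FathomSec's own), the script below groups constructed OAuth grant events by AI tool, unions the scopes each tool was granted across users, and ranks tools by a score built from scope sensitivity, vendor training policy and breach history. The vendor catalog, scope weights and log lines are all assumptions; the Google scope strings are real identifiers, the weights are not.

```python
import json
from collections import defaultdict
# Constructed vendor catalog (placeholder domains, not real vendors or their policies).
AI_CATALOG = {
    "chat.example-ai.com": {"trains_by_default": True, "breaches": 1},
    "ide.example-assist.dev": {"trains_by_default": False, "breaches": 0},
}

# Scope sensitivity weights: real Google OAuth scope ids, assumed (constructed) weights.
SCOPE_WEIGHT = {
    "https://www.googleapis.com/auth/drive": 40,
    "https://www.googleapis.com/auth/gmail.readonly": 30,
    "https://www.googleapis.com/auth/calendar": 10,
    "openid": 0, "email": 0, "profile": 0,
}

# Constructed grant events, one JSON object per line (sample data, not a real audit log).
SAMPLE_LOG = """
{"ts":"2025-05-02T09:14:00Z","user":"ana@corp.example","app":"chat.example-ai.com","scopes":["openid","email","https://www.googleapis.com/auth/drive"]}
{"ts":"2025-05-03T11:02:00Z","user":"bo@corp.example","app":"chat.example-ai.com","scopes":["openid","email"]}
{"ts":"2025-05-04T16:40:00Z","user":"cy@corp.example","app":"ide.example-assist.dev","scopes":["openid","profile","https://www.googleapis.com/auth/calendar"]}
{"ts":"2025-05-05T08:00:00Z","user":"ana@corp.example","app":"crm.example-saas.com","scopes":["https://www.googleapis.com/auth/gmail.readonly"]}
"""

def parse_grants(text):
    """Parse newline-delimited JSON grant events; blank or malformed lines are skipped."""
    events = []
    for line in filter(None, (l.strip() for l in text.splitlines())):
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return events

def score_tool(app, scopes):
    """0-100 risk: scope sensitivity plus vendor training policy and breach history."""
    vendor = AI_CATALOG[app]
    score = sum(SCOPE_WEIGHT.get(s, 20) for s in scopes)  # unknown scope: assume moderate
    score += (25 if vendor["trains_by_default"] else 0) + 10 * vendor["breaches"]
    return min(score, 100)

def build_inventory(events):
    """Group grants by AI tool; apps outside the catalog go to the normal SaaS review."""
    users, scopes = defaultdict(set), defaultdict(set)
    for ev in (e for e in events if e["app"] in AI_CATALOG):
        users[ev["app"]].add(ev["user"])
        scopes[ev["app"]].update(ev["scopes"])
    rows = [{"tool": app, "users": len(users[app]), "scopes": sorted(scopes[app]),
             "risk": score_tool(app, scopes[app])} for app in users]
    return sorted(rows, key=lambda r: r["risk"], reverse=True)
```

Running `build_inventory(parse_grants(SAMPLE_LOG))` on the sample puts the Drive-scoped chat tool first; the CRM grant never enters the AI inventory.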
What makes FathomSec different

Built for the team that has to actually use it.

Browser-first, not network-first

Most shadow AI happens through normal HTTPS to mainstream domains. Network-layer CASBs miss it. We watch where it actually happens.

Metadata-only, by default

We don't read your prompts. The extension processes locally and ships only the tool, timestamp, and risk signals. Open-source extension code.

Self-serve under $500/mo

Install in 30 minutes. No 6-month rollout, no per-deal MSA, no sales call required. Cancel any time.

Audit-ready exports

One-click evidence packs for SOC 2, ISO 27001, and EU AI Act inventory. Stop writing your next questionnaire response from scratch.

Pricing

Per-seat, predictable, no surprise bills.

Free

$0
Up to 25 employees
  • Discovery via OAuth log ingest
  • 30-day data retention
  • Basic risk scoring
  • Community support
Get started free

Pro

$12/seat/mo
100–500 seats
  • Everything in Starter
  • Custom risk policies
  • SAML SSO
  • API access
  • EU AI Act inventory export
  • Priority support
Talk to us

Get a free shadow AI report.

Drop your work email. We'll do a read-only Okta or Google Workspace scan and ship you a one-page report with every AI tool used in the last 30 days, ranked by risk. About 48 hours. No call required.

We're onboarding 5 design partners at $0 in exchange for monthly feedback calls. If that's you, mention it in the email.

FAQ

Quick answers

Are you reading my employees' prompts?

No. The browser extension processes content locally. By default we ship only metadata — which AI tool, when, who, token count, and pattern hits (e.g. "looks like source code"). Full content capture is opt-in per tenant for higher tiers, with a giant warning attached. Extension code will be open-sourced before GA.

How is this different from Nightfall, Harmonic, or Lasso?

Those are excellent enterprise products. They start at $30K+/year, sell through sales-led pilots, and are heavy DLP or AI-gateway platforms. FathomSec is the opposite: $200/month, 30-minute setup, AI discovery only — not a full DLP, not a gateway. We're the tool you put in place before you can justify (or staff) a full-fat DLP suite.

What about employee privacy and trust?

Critical question. Three things: (1) metadata-only default, (2) open-source extension code so your team can audit it, (3) we publish a transparency report showing every detection rule. We're building this for security teams that want to say yes to AI tools — not for surveillance shops.

Why should I trust an indie product with security?

Honest answer: you shouldn't, blindly. We're early. We're transparent about that. We're publishing the extension as open source, pursuing SOC 2 in year one, and starting with 5 design partners we work with hands-on. If you need a vendor with a 10-year track record today, this isn't it. If you want to shape the product that you wish existed, that's exactly who we're looking for.

What does the EU AI Act require, and does FathomSec help?

The Act (deadline currently Aug 2026, possibly delayed to 2027) requires deployers of high-risk AI systems to maintain inventory, log usage for 6 months, and notify affected individuals. If you have EU customers, you're likely a deployer. FathomSec produces the inventory and the logs in a format suitable for Article 26 evidence. We are not legal advice — pair with counsel.