AI Security, Governance & Visibility

Kairro Overview

Kairro is the enterprise platform that unifies security, governance, compliance, and operational visibility so you can scale generative AI with confidence.

SOC2-ready controls · SSO + MFA · Real-time DLP · Shadow AI detection

Platform snapshot

3 tightly-integrated components

Fast, secure backend · Admin console · Browser extension working together for real-time AI protection and governance.

Policy enforcement
Shadow AI coverage
Governance workflows
Kairro overview dashboard

Executive highlights

Enterprise-grade controls, real-time enforcement, and governance in one system.

Security-first

Fail-closed extension enforcement, SSO/MFA, and DLP-backed policies at the edge.

Governance-ready

Use-case intake, risk assessments, staged reviews, and audit readiness scores.

Operational visibility

Events, Shadow AI, DLP matches, and ops health in unified dashboards and exports.

Platform Architecture

Secure by design, with clear separation of enforcement, administration, and edge control.

1. Fast, Secure Backend

Fastify + Prisma

  • Authentication, SSO, and MFA
  • Policy and DLP evaluation
  • Shadow AI detection
  • Governance workflows
  • Event logging & telemetry storage
  • Subscription & licensing enforcement
  • Integrations & notification routing
  • Ops/health telemetry

2. Kairro Admin – React Console

Security, compliance, IT, and platform teams

  • AI Events & DLP
  • Shadow AI discovery
  • Governance & use-case risk
  • Policy and rules management
  • Subscription usage
  • Ops & system health
  • Integrations & notification routing

3. Kairro Browser Extension

Protection where AI is used

  • Intercepts prompts only on approved AI tools
  • Applies DLP and security policies pre-send
  • Detects Shadow AI & unknown tooling
  • Registers usage for subscription/licensing
  • Sends telemetry to the backend
  • Enforces fail-closed security for expired/invalid licenses

Core Concepts

How Kairro models the enterprise AI landscape.

Organizations, Users, Teams & Identities

Multi-tenant with RBAC; every event, tool, endpoint, and policy is org-scoped.

AI Tools

  • Approved Tools — allowed with policies/DLP
  • Unapproved Tools — trigger warnings or blocks
  • Discovered (Shadow AI) — surfaced automatically from telemetry

Policies & Rules

  • DLP severity thresholds
  • Allowed/denied AI tools
  • Domain restrictions
  • Token limits
  • Org-wide defaults

Events & DLP Matches

Every AI interaction logs action (Allow/Warn/Block), risk level, DLP match details/severity, and tool/identity/endpoint metadata.

Shadow AI Events & Findings

Unknown, unapproved, or risky AI usage is logged and surfaced in Shadow AI inventory.

AI Inventory & Use Cases

Catalog of approved AI use cases, external tools, product-embedded AI features, risk assessments, governance stages, reviews, and audit logs.

Subscriptions & Licensing

Validates license keys, allowed endpoints, event usage, and status (Active → Past Due → Expired) with fail-closed enforcement.

Integrations & Notifications

Slack, Email, Microsoft Teams, PagerDuty, Opsgenie, Webhooks, and SIEM/log tools (Splunk, Datadog, Elastic, Chronicle, etc.).

Extension → Backend Workflows

Secure, deterministic flows between the browser extension and the platform.

/v1/extension/policy

Retrieves approved AI tools and unapproved tool definitions.

/v1/extension/evaluate

  1. DLP scanning
  2. Policy evaluation
  3. Risk scoring
  4. Event & DLP match logging
  5. Integration/notification dispatch

Returns: action, riskLevel, reasons, eventId.
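
How a client can consume this result while honouring the fail-closed behaviour described for the extension, as an added example that is not Kairro's own code. The field names `action`, `riskLevel`, `reasons`, and `eventId` come from this page; the value spellings, the license status strings, the treatment of Past Due as still usable, the timeout, and the `evaluateFn` transport are assumptions.

```javascript
// Added example (not Kairro code): fail-closed handling of an evaluate result.
// Assumptions: action/status spellings, Past Due still usable, 2 s timeout.
const ACTIONS = new Set(["ALLOW", "WARN", "BLOCK"]);
const USABLE_LICENSE = new Set(["ACTIVE", "PAST_DUE"]);

// Every failure path returns the same shape as a real decision, set to BLOCK.
function block(reason) {
  return { action: "BLOCK", riskLevel: "UNKNOWN", reasons: [reason], eventId: null };
}

// Treat the response body as untrusted: anything unexpected becomes BLOCK.
function decide(licenseStatus, body) {
  if (!USABLE_LICENSE.has(licenseStatus)) return block("license_expired_or_invalid");
  if (body === null || typeof body !== "object") return block("malformed_response");
  const action = typeof body.action === "string" ? body.action.toUpperCase() : "";
  if (!ACTIONS.has(action)) return block("unknown_action");
  if (!Array.isArray(body.reasons)) return block("malformed_response");
  return {
    action,
    riskLevel: body.riskLevel ?? "UNKNOWN",
    reasons: body.reasons,
    eventId: body.eventId ?? null,
  };
}

// evaluateFn is a hypothetical transport that resolves to the parsed JSON body
// of the evaluate call. Errors and timeouts never let the prompt through.
async function guardPrompt(licenseStatus, prompt, evaluateFn, timeoutMs = 2000) {
  if (!USABLE_LICENSE.has(licenseStatus)) return block("license_expired_or_invalid");
  let timer;
  const timeout = new Promise((_, reject) => {
    timer = setTimeout(() => reject(new Error("timeout")), timeoutMs);
  });
  try {
    const body = await Promise.race([evaluateFn(prompt), timeout]);
    return decide(licenseStatus, body);
  } catch (err) {
    return block("evaluate_unavailable");
  } finally {
    clearTimeout(timer);
  }
}
```

The prompt is released only when `decide` returns `ALLOW` (or `WARN` after the user acknowledges it); every other path, including a missing or unrecognised `action`, ends in `BLOCK`.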

/v1/extension/shadow-event

Logs unapproved or unknown AI usage for Shadow AI inventory.

Registration endpoints

Associate activity with subscription limits, license tokens, and unique endpoints.

  • /v1/extension/register
  • /v1/extension/endpoint/register

Admin API Surface

  • Events: /v1/admin/events, /v1/admin/events/:id/dlp
  • Shadow AI: /v1/admin/shadow-ai/events
  • Governance: /v1/admin/governance/*
  • Policies: /v1/admin/policies
  • Integrations & Notifications
  • Ops / Health Dashboard
  • Subscription & Security Defaults

How Organizations Use Kairro

✔ Real-time AI security

DLP + policy enforcement everywhere users interact with AI.

✔ Shadow AI visibility

Automatic discovery of unapproved tools and risky behavior.

✔ Governance & risk scoring

Structured workflows for approving use cases and managing AI adoption.

✔ Compliance & audit readiness

Evidence, controls, logs, reviews, and policy enforcement in one place.

✔ Enterprise integrations

Notifications and events flow into your SIEM, SOC tools, and collaboration systems.