WitnessAI, creator of the first enablement platform for safe AI use, announced support for Microsoft 365 Copilot and GitHub Copilot for Visual Studio Code applications. Without requiring an agent to be installed on employee devices, WitnessAI provides visibility of prompts and responses within Copilot, and performs policy based blocking, redaction, or routing of Copilot prompts.
By embedding or enabling Copilot capabilities within knowledge tools, including Office 365 and Visual Studio Code, Microsoft helps users become more productive. Knowledge workers gain the power of generative AI without leaving their preferred applications. While Copilot brings the power of large language models (LLMs) into the Microsoft applications that power most enterprises, they also create blind spots for security and privacy teams as they enforce acceptable use policies.
WitnessAI’s Secure AI Enablement Platform helps organizations adopt generative AI safely, by providing visibility, control, and protection of employee usage of internal and third-party AI models and AI-enabled applications. Data Loss Prevention (DLP) and AI security products typically operate using a browser plug-in, watching user chat sessions with external websites. While this captures some level of acceptable use violations, it cannot detect Copilot traffic, since that comes from a native app installed on Windows or MacOS. Enterprises are left completely blind to potential problems from employee Copilot use.
For example, a corporate attorney may use Copilot within Microsoft Word to draft a new corporate contract, inadvertently sharing confidential information with a third-party LLM. A developer might upload proprietary source code using Microsoft Visual Studio Code via GitHub Copilot. In both cases, employees may violate corporate AI acceptable use policies, putting their organizations at legal or financial risk. WitnessAI provides real-time observability of this activity to support a company’s governance policies.
Unlike other approaches, WitnessAI operates at the network level, which enables it to detect and apply policy to shadow AI across browsers, BYOD, and Copilot within native apps – without a browser plug-in or endpoint agent installed. Witness/OBSERVE, the visibility engine within the WitnessAI platform, supports Microsoft 365 Copilot and GitHub Copilot within Visual Studio Code.
“Many organizations simply block genAI apps, such as ChatGPT, thinking this will prevent unauthorized use of these powerful new tools,” said Rick Caccia, CEO of WitnessAI. “Copilots add a new channel for inadvertent confidential data or IP loss, and WitnessAI brings clarity and visibility to employee use of copilots – from Microsoft or not.”
WitnessAI is in beta testing at multiple U.S. and global organizations today, detecting shadow AI, providing full visibility into user activity, and classifying user conversations for risk and intention.
SOURCE: PRNewsWire