Field Effect has launched an AI Detection & Response feature within its managed detection and response platform, designed to give organisations and managed service providers visibility into AI use.
The feature, known as AIDR, sits inside Field Effect MDR Complete and is designed to track AI applications, identify unsanctioned use and set controls over how those tools interact with an organisation's systems. Customers do not need to deploy separate agents or manage a separate dashboard to use it.
The launch reflects a broader shift in cyber security as companies try to reconcile the rapid growth of generative AI and other AI tools with data protection, compliance and internal governance requirements. Security teams have struggled to keep up with the pace of adoption, particularly when employees bring in external AI applications without formal approval.
Field Effect says its customer data shows 93% of organisations have either knowingly or unknowingly adopted AI, while 26% are actively using six or more AI applications. That level of use creates new risks around data exposure, uncontrolled sharing of sensitive information, unauthorised software, and AI-assisted fraud or phishing attempts.
Platform approach
AIDR is built around four areas: visibility into which AI tools are in use; controls over which tools are allowed; visibility into how those tools behave; and controls over what they can access or influence. The feature draws on data from endpoints, networks, cloud environments and DNS activity to build a picture of AI-related activity across an organisation.
Field Effect is positioning the launch as part of a broader cyber security approach rather than as a standalone AI product. That distinction matters in a market where many vendors have begun adding AI-related monitoring tools to their product lines as concerns grow over shadow AI and inadvertent data leakage through prompts, uploads and application integrations.
Organisations need more than a list of AI applications in use. They also need to understand what data those tools touch, whether they operate within internal policy and whether they create new routes for misuse or external attack.
AIDR also applies zero-trust controls to AI-driven activity, with the aim of limiting what AI tools can access or do inside a customer environment. That approach is intended to reduce the risks posed not only by unauthorised tools, but also by approved tools that may still expose data or create compliance issues.
Growing concern
The rise of AI use inside companies has created a new focus for cyber security suppliers, legal teams and regulators. Employees often turn to public or specialist AI services to summarise documents, analyse data, generate code or support customer work, but those actions can expose corporate information if governance and monitoring are weak.
For managed service providers, the issue is also becoming part of routine client oversight. Providers are being asked not only to detect intrusions and suspicious activity, but also to identify which AI tools staff are using and whether those tools meet policy requirements.
Matthew Holland, Founder and Chief Executive Officer of Field Effect, said the company's existing visibility across multiple parts of customer environments underpins the launch.
"Over the next few years, we're going to see many companies enter the AI security market. The reality is that AI Detection and Response isn't something you can build in isolation," Holland said.
He said the issue requires broad visibility across enterprise activity.
"To understand what AI is doing inside an organization, you need visibility across endpoint, network, cloud, and DNS activity, and the knowledge and experience that comes from protecting tens of thousands of real-world environments. We've spent years building that foundation, which is why we're able to move quickly and help organizations adopt AI with confidence. We are solving this problem the only way it can be properly solved," he said.
The new feature is included in MDR Complete rather than sold as an additional product. That packaging suggests Field Effect sees AI monitoring as an extension of mainstream security operations rather than a separate discipline, particularly for smaller organisations and service providers that may not want another security console to manage.
The move comes as cyber security vendors compete to define how AI governance should fit into operational security tools. While many organisations remain focused on external threats using AI, the market is increasingly turning to risks created by AI use inside the business itself, including sensitive data handling, policy breaches and unapproved adoption.
Field Effect says AIDR is intended to help customers identify AI tools, understand how they are being used and set limits around their activity without adding another layer of software.