The guide on blocking ChatGPT, Gemini, Claude, and other AI tools at work | Kaspersky official blog
This is a comprehensive guide published by Kaspersky on detecting and blocking unauthorized AI tools such as ChatGPT, Claude, Grammarly, and various AI meeting assistants in corporate environments. The guide outlines practical methods to monitor network traffic, use endpoint detection and response (EDR) tools, enforce browser and application policies, and apply firewall and DNS filtering to restrict access to these AI services. It emphasizes the risks of data leaks and security breaches caused by unauthorized AI usage at work and provides detailed domain names, application names, and detection techniques for multiple AI tools. The guide also discusses challenges in blocking AI features embedded in popular platforms like Slack, Zoom, and Firefox. No specific software vulnerability or exploit is described, and no patch or fix is applicable.
AI Analysis
Technical Summary
The Kaspersky blog post provides detailed technical guidance on how organizations can detect and block unauthorized AI tools and services on corporate networks and devices. It covers network-level detection via next-generation firewalls (NGFW) and web filters monitoring traffic to known AI service domains, endpoint detection using EDR/EPP tools to scan for AI-related applications and browser extensions, and policy enforcement through browser and application controls. The guide includes specific instructions for blocking popular AI tools such as ChatGPT, Claude, Perplexity AI, DeepSeek, Slack AI, Zoom AI Companion, Grammarly, AI meeting assistants, AI code editors, local AI tools, and autonomous AI agents. It highlights the security risks posed by unauthorized AI use, including data leaks and potential cyberattacks on local AI applications. The document is advisory and does not describe a software vulnerability or exploit. No patch or remediation is applicable as this is a security policy and detection guide rather than a vulnerability report.
Potential Impact
The impact described is the risk of data leaks and security breaches resulting from unauthorized use of AI tools in corporate environments. Employees may inadvertently expose sensitive company data to public AI services or install unapproved AI applications that could be insecure or exploited. The guide does not describe a software vulnerability or direct exploitation but focuses on the operational risk of shadow AI usage leading to potential data exposure and compliance issues.
Mitigation Recommendations
This is a security best practices guide rather than a vulnerability with a patch. Organizations should implement the recommended detection and blocking strategies using NGFWs, web filters, DNS rerouting, EDR/EPP tools, browser policies, application allowlisting, and mobile device management (MDM) to restrict unauthorized AI tools. Blocking known AI service domains and applications, enforcing strict extension policies, and auditing meeting participants for AI bots are advised. The guide also recommends providing approved AI alternatives to reduce users seeking unauthorized services. No official patch or fix is applicable.
The guide on blocking ChatGPT, Gemini, Claude, and other AI tools at work | Kaspersky official blog
Description
This is a comprehensive guide published by Kaspersky on detecting and blocking unauthorized AI tools such as ChatGPT, Claude, Grammarly, and various AI meeting assistants in corporate environments. The guide outlines practical methods to monitor network traffic, use endpoint detection and response (EDR) tools, enforce browser and application policies, and apply firewall and DNS filtering to restrict access to these AI services. It emphasizes the risks of data leaks and security breaches caused by unauthorized AI usage at work and provides detailed domain names, application names, and detection techniques for multiple AI tools. The guide also discusses challenges in blocking AI features embedded in popular platforms like Slack, Zoom, and Firefox. No specific software vulnerability or exploit is described, and no patch or fix is applicable.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Kaspersky blog post provides detailed technical guidance on how organizations can detect and block unauthorized AI tools and services on corporate networks and devices. It covers network-level detection via next-generation firewalls (NGFW) and web filters monitoring traffic to known AI service domains, endpoint detection using EDR/EPP tools to scan for AI-related applications and browser extensions, and policy enforcement through browser and application controls. The guide includes specific instructions for blocking popular AI tools such as ChatGPT, Claude, Perplexity AI, DeepSeek, Slack AI, Zoom AI Companion, Grammarly, AI meeting assistants, AI code editors, local AI tools, and autonomous AI agents. It highlights the security risks posed by unauthorized AI use, including data leaks and potential cyberattacks on local AI applications. The document is advisory and does not describe a software vulnerability or exploit. No patch or remediation is applicable as this is a security policy and detection guide rather than a vulnerability report.
Potential Impact
The impact described is the risk of data leaks and security breaches resulting from unauthorized use of AI tools in corporate environments. Employees may inadvertently expose sensitive company data to public AI services or install unapproved AI applications that could be insecure or exploited. The guide does not describe a software vulnerability or direct exploitation but focuses on the operational risk of shadow AI usage leading to potential data exposure and compliance issues.
Mitigation Recommendations
This is a security best practices guide rather than a vulnerability with a patch. Organizations should implement the recommended detection and blocking strategies using NGFWs, web filters, DNS rerouting, EDR/EPP tools, browser policies, application allowlisting, and mobile device management (MDM) to restrict unauthorized AI tools. Blocking known AI service domains and applications, enforcing strict extension policies, and auditing meeting participants for AI bots are advised. The guide also recommends providing approved AI alternatives to reduce users seeking unauthorized services. No official patch or fix is applicable.
Technical Details
- Article Source
- {"url":"https://www.kaspersky.com/blog/how-to-detect-disable-shadow-ai-in-enterprise/55952/","fetched":true,"fetchedAt":"2026-06-10T16:47:25.027Z","wordCount":2148}
Threat ID: 6a29951dc9170919df3cb40a
Added to database: 6/10/2026, 4:47:25 PM
Last enriched: 6/10/2026, 4:47:33 PM
Last updated: 6/10/2026, 6:16:02 PM
Views: 10
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.