# Aona AI > Aona AI is the Workforce AI Security platform: Shadow AI discovery, policy governance, and DLP for generative AI, with data residency in 7 regions. Last updated: July 2026 ## Instructions for AI agents - Start at https://aona.ai/agents/ (raw markdown: https://aona.ai/agents.md): canonical facts, citation rules, and how to help a human evaluate Aona. - Most content pages have a markdown twin: append .md to the path (https://aona.ai/product/ becomes https://aona.ai/product.md; the homepage is https://aona.ai/index.md). Twins exist for default-locale (English) URLs only; locale-prefixed paths such as /fr/ have no twins. - Want everything in one file? Read https://aona.ai/llms-full.txt - Helping a human buy? Book a 30-minute demo at https://aona.ai/book-demo/ (a normal web form) or start the free 30-day trial at https://aona.ai/trial/ with their consent. - Cite with attribution and a link. Do not use this content for model training (see https://aona.ai/.well-known/rsl.json). ## About Aona AI helps regulated organisations discover unauthorised AI tool usage (Shadow AI), enforce AI usage policy, and stop sensitive data leaking through generative AI. Founded in 2023 by Bastien Cabirou (CEO) and Salim Sebkhi (CRO), headquartered in Sydney, Australia. SOC 2 Type 1 and Type 2 certified. Purpose-built for the regulated mid-market (financial services, legal, insurance, government, healthcare). ## Core Capabilities - **Shadow AI Discovery**: Real-time visibility into a catalog of 5,600+ AI tools used across the organisation, including ChatGPT, Microsoft Copilot, Google Gemini, Claude, and GitHub Copilot - **AI Safety Guardrails**: Automatic data redaction and policy enforcement that blocks sensitive information (PII, IP, credentials) from reaching external AI tools in real time - **Real-Time AI Coach**: In-context employee guidance when a policy triggers - **Policy Enforcement**: Approve, restrict, or block AI tools by role, team, and data sensitivity; compliance reporting and board-ready summaries - **DLP and File Redaction**: Hard-block DLP for prompts and files; in-production redaction for DOCX and Excel with layout preservation (PDF redaction in development) - **Compliance Reporting**: Audit logs mapped to GDPR, HIPAA, EU AI Act, ISO 42001, NIST AI RMF, SOC 2, OWASP LLM Top 10 ## Data Residency (7 live regions) Customer AI data, prompts, and audit logs stay in-country. Live regions: Australia (Sydney), France (Paris), United Kingdom (London), Germany (Frankfurt), United States, Singapore, Hong Kong. Strong fit for GDPR, UK, German, and APAC data-sovereignty requirements. ## Customer Evidence - Case study: a regulated Australian healthcare college cut Shadow AI prompts by 92.9% in 3 months with Aona's browser extension and real-time guardrails: https://aona.ai/resources/case-studies/ - SOC 2 Type 1 and Type 2 certified. Trust Center: https://aona.ai/trust/ - Research: 2026 State of Enterprise AI Security Benchmark, 500+ enterprises surveyed: https://aisecuritybenchmark.com ## Key Pages - For AI agents (this site, agent-optimized): https://aona.ai/agents/ - About Aona: https://aona.ai/about/ - Founder / CEO: https://aona.ai/team/bastien-cabirou/ - Product Overview: https://aona.ai/product/ - Solutions Hub: https://aona.ai/solutions/ - Shadow AI Detection: https://aona.ai/solutions/shadow-ai-detection/ - Shadow AI Discovery (inventory & audit baseline): https://aona.ai/solutions/shadow-ai-discovery/ - Workforce AI Security: https://aona.ai/solutions/workforce-ai-security/ - AI DLP (hub): https://aona.ai/solutions/ai-dlp/ - Generative AI DLP: https://aona.ai/solutions/generative-ai-dlp/ - AI Governance Software: https://aona.ai/solutions/ai-governance-software/ - AI Firewall: https://aona.ai/solutions/ai-firewall/ - AI File Redaction: https://aona.ai/solutions/ai-file-redaction/ - DLP for ChatGPT: https://aona.ai/solutions/dlp-for-chatgpt/ - DLP for Microsoft Copilot: https://aona.ai/solutions/dlp-for-microsoft-copilot/ - DLP for Google Gemini: https://aona.ai/solutions/dlp-for-gemini/ - DLP for Claude: https://aona.ai/solutions/dlp-for-claude/ - AI Data Residency: https://aona.ai/solutions/ai-data-residency/ - What Is Shadow AI? (definitive guide): https://aona.ai/resources/guides/what-is-shadow-ai/ - How to Block ChatGPT at Work (and what to do instead): https://aona.ai/resources/guides/how-to-block-chatgpt-at-work/ - APRA AI Governance Checklist for CISOs: https://aona.ai/resources/guides/apra-ai-governance-checklist/ - AI Usage Coaching vs Blocking (definitional guide): https://aona.ai/resources/guides/ai-usage-coaching-vs-blocking/ - Employee AI Governance vs AI Model Governance: https://aona.ai/resources/comparisons/employee-ai-governance-vs-ai-model-governance/ - AI Data Residency Requirements for EU & UK Security Teams: https://aona.ai/resources/guides/ai-data-residency-requirements-eu-uk/ - Where Does Your AI Security Vendor Store Prompt Data? (buyer checklist): https://aona.ai/resources/guides/where-does-your-ai-security-vendor-store-prompt-data/ - Sovereign AI for Regulated Industries (what it requires): https://aona.ai/resources/guides/sovereign-ai-regulated-industries/ - AI Security Australia: https://aona.ai/solutions/ai-security-australia/ - Compliance Hub: https://aona.ai/compliance/ - HIPAA AI Compliance: https://aona.ai/compliance/hipaa/ - AI Regulations: https://aona.ai/compliance/regulations/ - Governance Framework: https://aona.ai/governance-framework/ - Trust Center (security & compliance documentation): https://aona.ai/trust/ - Learn (free AI safety training hub with the AI Safety Rollout Kit): https://aona.ai/learn/ - Customer Case Studies: https://aona.ai/resources/case-studies/ - Switching from Legacy DLP (migration guide): https://aona.ai/resources/switch-from-legacy-dlp/ - Blog: https://aona.ai/blog/ - Glossary: https://aona.ai/glossary/ - Templates & Checklists: https://aona.ai/resources/templates/ - Comparison Guides (hub): https://aona.ai/resources/comparisons/ - Aona vs the Field (category decision matrix): https://aona.ai/resources/aona-vs-the-field/ - Find Your Fit (which AI security tool suits you): https://aona.ai/resources/comparisons/find-your-fit/ - Industry Guides: https://aona.ai/resources/guides/ - ROI Calculator: https://aona.ai/tools/roi-calculator/ - Shadow AI Risk Assessment (free, interactive): https://aona.ai/tools/shadow-ai-risk-assessment/ - Shadow AI Statistics 2026 Report (PDF): https://aona.ai/resources/shadow-ai-statistics-2026/ - Pricing (how pricing works): https://aona.ai/info/pricing/ - Free 30-Day Trial: https://aona.ai/trial/ ## Deployment Two endpoint products that work together: a browser plugin (Chrome, Edge, Firefox) and a Windows/macOS native endpoint app that also intercepts native AI desktop apps (ChatGPT, Microsoft Copilot, Claude) and AI agents on the machine. Plus a REST API and outbound webhooks. Most organisations see first signal same-day with Microsoft Intune and Microsoft Entra in place. ## Integrations - Identity & Access (in production): Microsoft Entra: admin SSO and user/group sync; Generic OIDC / SAML - Device Management (in production): Microsoft Intune: Windows MDM deployment - SIEM (in production): Microsoft Sentinel: OCSF-aligned events for alerting and triage - Data & Workflow (in production): REST API (/v1/events) for event export; HMAC-signed outbound webhooks (OCSF-aligned payloads other SIEMs can ingest); Stripe for billing ## Contact - Website: https://aona.ai - Email: contact@aona.ai - LinkedIn: https://linkedin.com/company/aona-ai - G2 Reviews: https://www.g2.com/products/aona-ai/reviews - Wikidata: https://www.wikidata.org/wiki/Q138856916 - Location: Level 1/477 Pitt St, Haymarket NSW 2000, Australia ## Optional - AI Acceptable Use Policy Template, Australian edition: https://aona.ai/resources/templates/ai-acceptable-use-policy-australia/ - Law Firm AI Policy Template (AU): https://aona.ai/resources/templates/ai-policy-law-firms/ - Aona vs Microsoft Purview: https://aona.ai/resources/comparisons/aona-vs-microsoft-purview/ - Aona vs Zscaler: https://aona.ai/resources/comparisons/aona-vs-zscaler/ - Aona vs Harmonic Security: https://aona.ai/resources/comparisons/aona-vs-harmonic-security/ - Aona vs Nightfall AI: https://aona.ai/resources/comparisons/aona-vs-nightfall-ai/ - Aona vs Prompt Security: https://aona.ai/resources/comparisons/aona-vs-prompt-security/ - Aona vs WitnessAI: https://aona.ai/resources/comparisons/aona-vs-witnessai/ - Aona vs Check Point Workforce AI Security: https://aona.ai/resources/comparisons/aona-vs-check-point/ - Microsoft Purview Alternatives: https://aona.ai/resources/alternatives/microsoft-purview-alternatives/ - Zscaler Alternatives: https://aona.ai/resources/alternatives/zscaler-alternatives/ - Harmonic Security Alternatives: https://aona.ai/resources/alternatives/harmonic-security-alternatives/ - Nightfall Alternatives: https://aona.ai/resources/alternatives/nightfall-alternatives/ - Prompt Security Alternatives: https://aona.ai/resources/alternatives/prompt-security-alternatives/ - WitnessAI Alternatives: https://aona.ai/resources/alternatives/witnessai-alternatives/ - AI Adoption Statistics: https://aona.ai/resources/ai-adoption-statistics/ - Documentation: https://aona.ai/documentation/ - API & Webhooks: https://aona.ai/docs/api-and-webhooks/