Immutable audit logs for AI conversations
Aleutian records AI usage across browsers, APIs, and code tools into a hash-chained log in which any alteration or deletion after the fact is detectable. The result is a verifiable audit trail suitable for regulatory and legal proceedings.
- 86% of organizations lack visibility into employee AI usage
- 47% of employees use AI tools without organizational approval
- 0 commercially available solutions provide tamper-evident AI conversation logs
Cisco, Netskope, IBM Security — 2025
Captures AI usage across:
- Browser Chats: ChatGPT, Claude, Gemini, Grok
- API Calls: Any OpenAI/Anthropic/Google integration
- Code Tools: Claude Code, Copilot, Cursor
Deployment is a single Chrome Enterprise policy pushed via existing MDM.
The gap in current tooling
Existing security infrastructure was not designed for conversational AI data flows, leaving most organizations with three structural blind spots.
No content-level visibility
Network logs record that a connection was made to chat.openai.com, but not what was said. The actual conversation content — which may include source code, customer data, or internal documents — is not captured by existing monitoring tools.
Mutable logs lack evidentiary weight
Standard application logs can be modified or deleted by administrators. In regulatory or legal contexts, logs that could have been altered are difficult to rely on as evidence of what actually occurred.
Blocking policies shift rather than reduce risk
Organizations that prohibit AI tools report that employees move to personal devices and accounts. The usage continues but moves outside the organization's monitoring perimeter entirely.
Architecture
Capture, chain, store
Aleutian captures AI conversations from three sources — browser interfaces, API integrations, and developer tools — and writes them into a single hash-chained audit log. Each entry is cryptographically linked to the previous one, so any modification to the historical record is detectable.
Sources
- Browser interfaces: ChatGPT, Claude, Gemini, Grok
- API integrations: OpenAI, Anthropic, Google APIs
- Developer tools: Claude Code, Copilot, Cursor
Aleutian
Capture + Hash Chain + Store
Outputs
- Tamper-evident audit log: Hash-chained, append-only record
- Compliance evidence: SOC 2, GDPR, CCPA report export
- Sensitive data flags: PII and credential detection
Deployment
Aleutian is deployed through existing enterprise browser management. End users do not need to install anything or change their workflow.
Push browser policy
IT administrators add a Chrome Enterprise or Edge policy through existing MDM or Google Admin console. The extension installs automatically on managed browsers.
Conversations are captured
When employees use AI chat interfaces, the extension captures the conversation content and forwards it to the Aleutian backend. Normal usage is not interrupted.
Audit log is available
Each message enters a hash-chained audit log with user attribution, timestamps, and provider identification. Compliance reports and search are accessible via the dashboard.
In scope
- Recording AI conversations into a hash-chained, append-only audit log
- Cryptographic verification that the log has not been modified after the fact
- Detection and flagging of PII, credentials, and sensitive data in conversations
- Compliance report generation for SOC 2, GDPR, and CCPA frameworks
- Providing a verifiable record for right-to-be-forgotten and data deletion requests
Out of scope
- Blocking or filtering outgoing messages (this is a DLP function)
- Monitoring how AI providers use or store data after it is received
- Replacing existing network security, CASB, or endpoint protection
- Intercepting or modifying AI traffic in transit
Use Cases
Who uses Aleutian
Aleutian addresses different concerns depending on your role within the organization.
Security leadership (CISO)
The concern
- Most organizations currently have no visibility into the content of employee AI conversations.
- Existing DLP tools monitor email and messaging but do not cover AI chat interfaces.
- Prohibiting AI usage tends to shift it to unmonitored personal devices rather than eliminating it.
How Aleutian helps
Provides a content-level record of all AI conversations occurring on managed browsers, attributed to specific users. The hash-chained structure means the log cannot be modified after the fact without detection, including by system administrators.
IT administration
The concern
- Endpoint agents are difficult to deploy, maintain, and keep users from disabling.
- AI monitoring has been requested but no purpose-built tooling exists in most environments.
How Aleutian helps
Deployment is a Chrome Enterprise policy or equivalent MDM configuration. The extension installs automatically on managed browsers and cannot be removed by users. No endpoint agents, application code changes, or user training are required.
Compliance and GRC
The concern
- SOC 2, GDPR, and similar frameworks require demonstrable controls over data processing, including AI usage.
- Auditors require evidence of controls, not just policy documents stating that controls should exist.
How Aleutian helps
The hash-chained audit log serves as verifiable evidence that AI conversations were recorded and that the record has not been modified. Compliance reports for SOC 2, GDPR, and CCPA can be generated from the dashboard.
Legal counsel
The concern
- When employees share client data or trade secrets with AI providers, there is often no record of exactly what was shared.
- Exercising data deletion rights under GDPR requires knowing what data was sent to which provider.
How Aleutian helps
Provides an immutable, timestamped record of what data was sent to which AI provider, by which user, and when. This record can support right-to-be-forgotten requests, litigation holds, discovery responses, and due diligence demonstrations.
Technical Details
Capabilities
An overview of the system's components and what they provide.
Hash-chained audit log
Each conversation entry is SHA-256 hashed and linked to the previous entry. Modification or deletion of any historical record invalidates all subsequent hashes, making tampering detectable through standard verification.
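A minimal sketch of the hash-chain check described above, added here as an example; it is not Aleutian's code or its open source verifier. The entry layout (`prev_hash`, `record`, `hash`), the all-zero genesis value and the `expected_head` anchor are assumptions. It goes one step beyond the text by showing that entries dropped from the tail are only caught when the latest hash is also recorded outside the log store.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash for the first entry

def entry_hash(prev_hash, record):
    """SHA-256 over the previous hash plus a canonical JSON encoding of the record."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()

def append(chain, record):
    """Append a record, linking it to the hash of the current last entry."""
    prev = chain[-1]["hash"] if chain else GENESIS
    chain.append({"prev_hash": prev, "record": record, "hash": entry_hash(prev, record)})

def verify(chain, expected_head=None):
    """Return (ok, index of first failing position or None).

    expected_head is the latest hash as recorded outside the log store;
    without it, entries dropped from the tail go unnoticed.
    """
    prev = GENESIS
    for i, e in enumerate(chain):
        if e["prev_hash"] != prev or e["hash"] != entry_hash(prev, e["record"]):
            return False, i
        prev = e["hash"]
    if expected_head is not None and prev != expected_head:
        return False, len(chain)
    return True, None

def demo():
    # Constructed sample records, not real captured conversations.
    chain = []
    for n, text in enumerate(["draft a contract", "fix this function", "summarise Q3"]):
        append(chain, {"seq": n, "user": "user@example.com", "content": text})
    head = chain[-1]["hash"]
    edited = json.loads(json.dumps(chain))            # deep copy
    edited[1]["record"]["content"] = "harmless text"  # in-place edit
    return {
        "intact": verify(chain, head),
        "edited": verify(edited, head),
        "deleted": verify(chain[:1] + chain[2:], head),  # entry removed mid-chain
        "truncated_unanchored": verify(chain[:2]),       # tail removed, no anchor
        "truncated_anchored": verify(chain[:2], head),
    }

if __name__ == "__main__":
    print(demo())
```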
Browser extension
Captures AI conversations in Chrome, Edge, Brave, Firefox, and Safari. Deployed through enterprise browser policies. Cannot be disabled by end users on managed devices.
API proxy
For programmatic AI usage, applications configure a base URL pointing to the Aleutian proxy. All API requests and responses are captured with full payload content. No application code changes are required beyond the URL configuration.
Developer tool coverage
AI coding assistants (Claude Code, GitHub Copilot, Cursor) can be routed through the proxy via environment variables or IDE settings. This extends audit coverage to code-generation workflows.
Sensitive data detection
Automated scanning flags personally identifiable information, API keys, credentials, and other sensitive content within captured conversations. Flagged entries are surfaced in the dashboard for review.
Compliance reporting
Pre-built report templates for SOC 2 control evidence, GDPR Article 30 processing records, and CCPA data inventory requirements. Reports are generated from the dashboard and export in standard formats.
Regional data residency
Audit data is stored in the customer's selected region (US, EU, or Japan). Data does not leave the selected region. This satisfies GDPR data localization and national data sovereignty requirements.
User attribution
Each conversation is associated with a specific user identity through enterprise SSO integration. This provides the per-user accountability required for insider threat investigations and access reviews.
Compliance Frameworks
Supported frameworks
The hash-chained audit log provides control evidence artifacts applicable to the following compliance frameworks.
Custom deployment options
For organizations with specific data residency, SSO, or retention requirements, Aleutian offers custom configurations and dedicated support.
Aleutian Enterprise
BAA for HIPAA, SSO/SAML integration, SIEM streaming, custom retention policies, and dedicated support.
Open source verification tools
The hash chain verification logic is open source under AGPLv3. You can independently verify the integrity of your audit logs without relying on Aleutian's infrastructure.