
Managed audit service for AI conversations

Aleutian Pro is a hosted service that captures AI conversations from browser chat interfaces, API integrations, and code tools, then stores them in a tamper-evident hash-chained log. Deployed via Chrome Enterprise policy or environment variable configuration, with no changes to existing workflows.

3 sources: browser, API, code tools

Hash chain: tamper-evident storage

Managed: hosted on GCP

What the Pro tier captures

AI usage in most organizations spans three categories. The Pro service captures all of them through a single audit pipeline.

Browser conversations

A managed Chrome/Edge extension observes conversations in ChatGPT, Claude, Gemini, and Grok. Deployed via Chrome Enterprise policy; users cannot disable it.

API integrations

Applications making programmatic API calls to OpenAI, Anthropic, or Azure OpenAI route through the Aleutian proxy by changing a single base URL configuration.

Code tools

Developer tools such as Claude Code, GitHub Copilot, and Cursor are captured via environment variable proxy settings pushed through MDM or login scripts.

How the hash chain provides tamper evidence

Standard database logs can be modified or deleted without leaving a trace. In a hash-chained log, each entry includes the SHA-256 hash of the previous entry, so removing or altering any record produces a detectable break in the sequence.

Standard database log

id: 1001   prompt: "Analyze customer..."
id: 1002   -- DELETED --
id: 1003   prompt: "Summarize the..."

Record 1002 has been deleted. An auditor reviewing records 1001 and 1003 has no mechanism to detect that an entry is missing.

Hash-chained log

hash: a3f2...   prev: 0000
hash: 7b1c...   prev: a3f2...
hash: BROKEN    prev: 7b1c ≠ expected

If any record is removed or altered, the subsequent hash no longer matches. The discrepancy is mathematically verifiable.

Verification

Chain integrity can be verified at any time via the dashboard, API, or CLI. The verification process recomputes all hashes and confirms no entries have been modified since capture.

$ aleutian verify --company acme-corp --range 2026-01

Chain integrity: VALID

12,847 entries verified

No gaps detected

Report exported: audit_report_2026-01.pdf
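
A minimal version of the hash-chain check described above, as an added example (not Aleutian's code). The record layout, the GENESIS value and the trusted_head parameter are assumptions, since the page does not say how entries are serialized or where the latest hash is kept. It also covers a case the diagram does not: entries dropped from the end of the log leave a shorter chain that is still internally consistent, so the verifier compares against a head hash held outside the log.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed genesis value (the page's diagram shows prev: 0000)

def entry_hash(prev_hash, record):
    # Canonical JSON so a record always serializes to the same bytes.
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()

def append(chain, record):
    prev = chain[-1]["hash"] if chain else GENESIS
    chain.append({"prev": prev, "record": record, "hash": entry_hash(prev, record)})
    return chain[-1]["hash"]  # head hash; keep a copy outside the log store

def verify(chain, trusted_head=None):
    """Recompute every hash and check each prev link. Returns (ok, reason)."""
    expected_prev = GENESIS
    for i, e in enumerate(chain):
        if e["prev"] != expected_prev:
            return False, f"entry {i}: prev link does not match preceding hash"
        if entry_hash(e["prev"], e["record"]) != e["hash"]:
            return False, f"entry {i}: content does not match stored hash"
        expected_prev = e["hash"]
    # Without an external anchor, a truncated tail verifies cleanly.
    if trusted_head is not None and expected_prev != trusted_head:
        return False, "head hash differs from externally anchored value"
    return True, f"{len(chain)} entries verified"

def build_sample():
    # Constructed sample records reusing the ids from the page's diagram.
    chain, head = [], GENESIS
    for rid, prompt in [(1001, "Analyze customer..."),
                        (1002, "constructed sample prompt"),
                        (1003, "Summarize the...")]:
        head = append(chain, {"id": rid, "prompt": prompt})
    return chain, head

if __name__ == "__main__":
    chain, head = build_sample()
    print(verify(chain, head))                  # intact chain
    print(verify(chain[:1] + chain[2:], head))  # record 1002 deleted
    print(verify(chain[:2]))                    # tail dropped, no anchor
    print(verify(chain[:2], head))              # tail dropped, anchored head
```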

Deployment methods

Each capture source has a corresponding deployment mechanism. None require changes to end-user behavior.

Browser extension — Chrome Enterprise policy (JSON)
Pushed via Google Admin Console or GPO. Users cannot remove the extension.
{
  "ExtensionInstallForcelist": [
    "aleutian-audit-extension-id;https://clients2.google.com/service/update2/crx"
  ],
  "ExtensionSettings": {
    "aleutian-audit-extension-id": {
      "installation_mode": "force_installed",
      "toolbar_pin": "force_pinned"
    }
  }
}
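API proxy — one line change per application
# Python (OpenAI SDK). Same pattern for Anthropic, Azure, etc.
import os

from openai import OpenAI

# Only base_url changes; the application still supplies its own provider API key.
client = OpenAI(
    api_key=os.environ["OPENAI_API_KEY"],
    base_url="https://proxy.aleutian.ai/v1",
)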
Code tools — environment variable (pushed via MDM or login script)
# For Claude Code
export ANTHROPIC_BASE_URL=https://proxy.aleutian.ai/anthropic

# For GitHub Copilot / Cursor
export HTTP_PROXY=https://proxy.aleutian.ai

Architecture

All three capture sources feed into a single audit pipeline. Regardless of how a conversation was captured, it enters the same hash chain and appears in the same dashboard.

Browser Extension: ChatGPT, Claude, Gemini, Grok

API Proxy: OpenAI, Anthropic, Azure

Code Tools: Claude Code, Copilot, Cursor

Aleutian Backend: Hash chain, PII scan, storage

Dashboard: Compliance reports, PII alerts

Supported AI providers

OpenAI: ChatGPT, API, GPT-4

Anthropic: Claude web, API, Code

Google: Gemini web, API

xAI: Grok web

What gets recorded

Each captured AI interaction produces a structured audit entry containing the following data.

Conversation content

The full text of user messages and AI responses, along with timestamps, provider identification, and the model used.

Hash chain linkage

Each entry includes the SHA-256 hash of the previous entry. The resulting chain is append-only and any modification is detectable through verification.

PII detection

Automated scanning identifies personal data patterns such as email addresses, phone numbers, and government identifiers. Alert thresholds are configurable per category.

User attribution

Each entry is associated with the user who initiated the conversation, identified through enterprise SSO, extension authentication, or API key mapping.

Capture source

The record indicates whether the conversation was captured via browser extension, API proxy, or code tool, along with the specific provider interface used.

Compliance export

Audit data can be exported as structured JSON for any date range or user, filtered by PII flags, provider, or capture source. Reports include hash verification metadata.

Dashboard

A web interface provides visibility into captured conversations, PII alerts, and chain integrity status. The same data is accessible via API for integration with existing security tooling.

Aleutian Pro — Audit Log

Entries (30d): 12,847
Active Users: 142
PII Flags: 23
Chain Integrity: Valid

| Entry ID | User | Provider | Source | Status |
|---|---|---|---|---|
| ent_a8f2c... | alice@company.com | ChatGPT | Browser ext. | Clean |
| ent_b3d7e... | bob@company.com | Claude (API) | API proxy | PII |
| ent_c9e1f... | carol@company.com | Claude Code | Code tool | Clean |

Supported compliance frameworks

The audit log and verification capabilities address specific controls within the following frameworks. The table below maps each control to the corresponding evidence artifact.

SOC 2: Type II Ready

GDPR: EU Privacy

HIPAA: Healthcare (Enterprise)

NIST: CSF & 800-53

Specific controls addressed

| Framework | Control | Requirement | Aleutian Evidence |
|---|---|---|---|
| SOC 2 | CC7.2 | Monitor system components | Tamper-evident audit logs |
| SOC 2 | CC7.1 | Detect security events | PII detection, alerting |
| GDPR | Art. 17 | Right to erasure | Deletion flow + certificates |
| GDPR | Art. 30 | Records of processing | Automated activity logs |
| NIST | AU-9 | Protection of audit info | Hash chain integrity |
| NIST | AU-10 | Non-repudiation | Cryptographic verification |
| ISO 27001 | A.8.15 | Logging | Comprehensive audit trail |
| PCI DSS | 10.3, 10.5 | Audit log integrity | Tamper-evident logs |
ISO 27001
PCI DSS
CCPA/CPRA
EU AI Act

Frequently asked questions

Can users disable the browser extension?

When deployed via Chrome Enterprise policy or MDM force-install, the extension cannot be removed or disabled by the user. The extension also reports a heartbeat, so its absence triggers an alert. Enterprise-managed incognito mode can also be configured to include the extension.

Does the API proxy affect rate limits or billing with AI providers?

No. Your API keys and rate limits remain unchanged. The proxy forwards requests transparently, and the AI provider sees your credentials as usual. Billing continues directly between you and the provider.

Where is audit data stored?

The Pro managed service stores data on GCP in the US by default. EU data residency (Belgium) is available on request. For organizations that require data to remain on their own infrastructure, the Enterprise tier offers self-hosted deployment.

How does GDPR right-to-erasure work with an immutable log?

Deletion requests are processed through a multi-step workflow with a grace period, soft delete, and hard delete. Upon completion, a cryptographic deletion certificate is issued proving the data was purged. The hash chain records the deletion event itself as an auditable entry.

What about mobile AI usage?

Mobile platforms offer limited browser extension support. The recommended approach is to block native AI applications via MDM and require employees to use the managed browser on mobile devices. Desktop browsers represent the majority of enterprise AI usage.

What happens if the Aleutian service is unavailable?

The Pro tier operates with a 99.9% uptime SLA across multiple GCP regions. For the API proxy path, failover to direct provider access can be configured. The browser extension buffers locally during brief outages. For higher availability requirements, see Enterprise.

Pro tier pricing

Two plan levels are available within the Pro managed service. Both include all three capture sources (browser extension, API proxy, code tools).

Startup

Hash-chained audit logging with basic dashboard access. Suitable for teams beginning to formalize AI usage oversight.

$149/month

50,000 audit entries included. $1 per 1,000 overage.

  • Hash-chained audit log
  • Browser extension + API proxy + code tools
  • Verification API and CLI
  • Web dashboard
  • 30-day data retention

Available add-ons:

  • PII detection +$50/mo
  • Privacy firewall +$75/mo
  • GDPR deletion certificates +$75/mo
  • Drata/Vanta integration +$25/mo

Both plans include a 14-day trial period. See full pricing comparison including Enterprise tier.

Self-hosted deployment, SSO, or SIEM integration

The Enterprise tier provides on-premises deployment, SAML/SCIM identity integration, audit log streaming to existing SIEM systems, and dedicated support with custom SLAs.