ShadowSeat

ShadowSeat is a web app (with optional lightweight desktop agent) that discovers and controls unsanctioned SaaS usage inside small-to-mid companies. It connects to Google Workspace/Microsoft 365 and your SSO to map which third-party apps users authorize, which domains they log into, and what OAuth scopes they grant. It then scores each app’s risk (permissions, publisher reputation, breach history signals, and anomalous usage) and gives admins a simple “allow, restrict, or revoke” workflow. The goal is not enterprise-grade CASB complexity; it’s a brutally practical dashboard that shows the top 20 risky apps and the 20 users creating the most exposure. It also generates a plain-English report for leadership and a short remediation checklist for IT. This is a combination traditional + AI app: AI is used for risk explanations and policy suggestions, not magical detection.