Skip to content
Rekognise
Platform features

The connectors, the rule book, the audit trail.

Everything you need to walk into an EU AI Act audit with a defensible AI inventory — and nothing you don't.

Connectors

Read-only OAuth, no agents, no code access. We pull metadata only.

Azure

Discovers Azure OpenAI deployments, Cognitive Services and Machine Learning workspaces. Passive Activity Log mining catches privately-keyed model calls.

AWS

Enumerates Bedrock agents, SageMaker endpoints and Comprehend jobs. CloudTrail analysis surfaces shadow-AI usage out of band.

Microsoft 365

Inventories Copilot for M365 seats and tenant-level AI features. Maps users to risk categories without touching content.

GitHub

Lists GitHub Copilot seats per organisation, detects AI-assisted workflows and flags repositories that ship model artefacts.

OpenAI

Pulls organisation membership, project-level model usage and rate-limit tier. Reconciles against billing for completeness.

Anthropic

Discovers workspaces, members, API keys and per-model spend. Verifies usage policy acceptance for the deployer record.

Databricks

Catalogs Mosaic AI endpoints, Foundation Model APIs and registered MLflow models per workspace.

Compliance capabilities

Discovery is table stakes. The work is what happens after.

Passive shadow-AI detection

Even when nothing is in your platform inventory, OpenAI keys hardcoded in Lambdas, ChatGPT browser extensions on managed laptops and rogue Bedrock calls all surface in the Azure Activity Log and AWS CloudTrail. Rekognise mines those logs continuously.

Annex III rule book

All ten high-risk Annex III categories — biometrics, critical infrastructure, education, employment, essential services, law enforcement, migration, justice, democratic processes — encoded as auditable rules. Each system gets a verdict with the cited Annex III point.

Read more

4-eye review queue

Every verdict requires two reviewers before it lands in the evidence pack. Reviewer 1 proposes, reviewer 2 approves or rejects with reason. Disagreements escalate to a designated AI compliance officer.

PDF evidence packs

One-click export per AI system: system facts, classification rationale, Annex III citation, reviewer signatures and timestamped audit trail. Drops straight into your DPO's compliance binder.

CSV audit export

Filterable, structured CSV export of the full audit log — tenant-scoped or admin-scoped. Hand it to internal audit, the supervisory authority, or your data warehouse.

Structured audit log

Every state transition — connection added, system discovered, verdict proposed, reviewer approved, impersonation started — is recorded with actor, IP, justification and ISO-8601 timestamp.

Time-bounded admin impersonation

Support staff can step into a customer tenant only with documented justification, capped at a 60-minute window, with every action attributed back to the operator. Standard for regulated SaaS.

Want to see it in action?

30 minutes. Live discovery scan against a sandbox tenant. No slides.

Book a demo