Last updated July 2, 2026

AI Compliance Hub

The AI Compliance Hub is where HostAtlas surfaces every AI workload running on — or called from — your fleet. It is the landing page for a family of pages you’ll find under Compliance → AI Compliance Hub in the sidebar.

Open it at /ai-compliance.

The top of the page shows five KPI tiles:

| Tile | What it counts |
| --- | --- |
| AI Processes | Running LLM runtimes and agent daemons (ollama, llama.cpp, vLLM, text-generation-webui, …). |
| Model Files | On-disk model weights over the size threshold (GGUF, safetensors, ONNX, …). |
| AI Frameworks | Installed Python packages that indicate AI use (torch, transformers, vllm, …). |
| Servers Affected | Distinct servers with at least one active detection. |
| Unwhitelisted | Detections that have not yet been reviewed — the number to drive to zero. |

Below the tiles is a Recent detections feed of the 20 latest findings. Each row shows the detection type, name/version, server (linked to its per-server AI footprint), size and first-seen time, with a badge showing whether the item is whitelisted.

If the counts are all zero, the empty state tells you which agent version is required for Shadow-AI scanning and whether a scan cycle has completed yet.

  • Whitelist a single detection — from any row, click Whitelist, add a reason, and it’s marked approved. The user, timestamp and reason are recorded in the audit trail.
  • Un-whitelist — the same button flips back with one click.
  • Open a server’s AI footprint — click any hostname to jump to the per-server view, grouped by detection type (process → inference API → model file → framework → CUDA), largest artifacts first.
  • Manage whitelists — the header button opens the whitelist rules page, where reusable patterns auto-approve future matches.

Reusable whitelist rules avoid re-approving the same finding on every new host. Each rule has four fields:

  • Pattern type — exact match, glob, or regular expression.
  • Detection type — process, model file, framework, inference API, or CUDA.
  • Pattern — the string to match against (path, process name, package name, hostname).
  • Reason — required, so the audit trail always answers why this was approved.

Rules are scoped to your organisation. Removing a rule does not un-whitelist detections that were individually approved before the rule existed.

Detections come from the HostAtlas agent’s Shadow-AI scanner. On each scan cycle the agent walks running processes, scans configured paths for known model file signatures, inspects Python environments, and observes outbound connections to known inference endpoints. Findings are deduplicated by fingerprint and re-surfaced with an updated first_seen_at if they were seen before.

Whitelist evaluation runs on every new detection: an incoming finding is compared against the pattern rules before it hits the Unwhitelisted counter.
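
Because a rule auto-approves every future match, it is worth dry-running a candidate pattern against known detections before saving it. The sketch below is an added example, not HostAtlas code: the Rule class, the matches and dry_run helpers, the detection type strings and the whole-string, case-sensitive matching semantics are all assumptions, and the detections are constructed.

```python
import fnmatch
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    pattern_type: str    # "exact", "glob" or "regex"
    detection_type: str  # assumed labels, e.g. "process", "model_file"
    pattern: str
    reason: str

    def __post_init__(self):
        if self.pattern_type not in ("exact", "glob", "regex"):
            raise ValueError(f"unknown pattern type: {self.pattern_type}")
        if not self.reason.strip():
            raise ValueError("a reason is required for the audit trail")

def matches(rule, detection_type, value):
    """Assumed semantics: case-sensitive, whole-string match for every type."""
    if rule.detection_type != detection_type:
        return False
    if rule.pattern_type == "exact":
        return value == rule.pattern
    if rule.pattern_type == "glob":
        # fnmatch's '*' also matches '/', so a glob can span directories.
        return fnmatch.fnmatchcase(value, rule.pattern)
    return re.fullmatch(rule.pattern, value) is not None

def dry_run(rule, detections):
    """Return the values this rule would auto-approve from (type, value) pairs."""
    return [v for t, v in detections if matches(rule, t, v)]

# Constructed sample detections, not real scanner output.
DETECTIONS = [
    ("model_file", "/srv/models/llama-3-8b.Q4_K_M.gguf"),
    ("model_file", "/home/dev/scratch/models/unreviewed.gguf"),
    ("process", "ollama"),
    ("process", "ollama-sidecar"),
]

BROAD = Rule("glob", "model_file", "*/models/*.gguf", "approved model store")
TIGHT = Rule("regex", "model_file", r"/srv/models/[^/]+\.gguf", "approved model store")
EXACT = Rule("exact", "process", "ollama", "platform team runtime")

if __name__ == "__main__":
    for rule in (BROAD, TIGHT, EXACT):
        print(rule.pattern_type, rule.pattern, "->", dry_run(rule, DETECTIONS))
```

The broad glob approves the unreviewed file under a home directory as well as the intended model store, while the anchored regex and the exact process rule approve only what was reviewed.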

The hub is designed to produce evidence for two overlapping regimes:

  • EU AI Act — the AI Bill of Materials assigns each item one of four risk classifications (minimal, limited, high, unacceptable) that map to the Act’s tiers.
  • SOC 2 / ISO 27001 — every whitelist change, budget change and BOM edit is attributable to a user with a timestamp, giving reviewers an unbroken paper trail.