Governing Claude Enterprise in Environments Where Inline Controls Can’t Go

When Anthropic launched the Claude Compliance API in May 2026, it gave security teams a way to address something they’d been wrestling with quietly: employees use Claude, powered by Anthropic, every day, and organizations have limited insight into what’s happening inside those conversations. Business-sensitive details, PII, PHI, credentials, source code, and confidential documents move through prompts, uploaded files, and conversations, and traditional security tools don’t see any of them. For organizations, especially in regulated industries, that’s not just an IT concern but an audit risk.

TrendAI Vision One™ now integrates the Claude Compliance API as an out-of-band way to govern Claude Enterprise usage in the environments where inline enforcement hasn’t landed yet. Customers get this visibility without deploying inline controls, changing how people work, or adding friction to Claude adoption.

TrendAI™ offers this through two collectors, so organizations can match how Claude data is handled to their risk and compliance needs.

The self-hosted collector runs in an organization’s own environment, pulling Claude Enterprise logs through the Compliance API, running them through TrendAI Vision One™ AI Application Security, and surfacing detections in TrendAI Vision One™. The compliance access key and conversation content never leave the infrastructure. This collector is available now, and it covers:

Sensitive data exposure. It detects PII, PHI, credentials, source code, and confidential documents shared with Claude, and identifies which users and projects are at the highest risk.

Policy violations and prompt-based attacks. It surfaces prompt injection attempts, jailbreak patterns, and harmful content in conversations.

The TrendAI Vision One™ collector is SIEM-based and feeds the broader platform. The organization provides the compliance access key, and TrendAI™ pulls Claude Enterprise logs into TrendAI Vision One™, where they feed XDR correlation and extended detection. With this collector, the conversation content is brought into TrendAI Vision One™, covering the following:

Insider risk and anomalous behavior. The collector flags unusual usage patterns, off-hours activity, and access anomalies suggestive of account compromise or misuse, along with XDR correlations across other telemetry data such as email, network, cloud, identity, and data.

Audit and compliance. It produces a defensible record of AI interactions for regulatory inquiries, internal investigations, and policy review.

Deploying the right collector depends on an organization’s data-residency requirements and how much correlation and reporting they need.

Enterprises can choose where their Claude data lives. With the self-hosted collector, the compliance access key and conversation content stay inside their own environment and never reach an external system. With the SIEM-based collector, organizations can bring that data into TrendAI Vision One™ for deeper correlation and compliance. Regulated organizations that won’t export AI conversation logs can run the first collector and still get full visibility and detection.

Visibility, not inline enforcement. The Compliance API is out-of-band by design, so this integration gives organizations visibility into Claude usage rather than blocking it in real time. Visibility and enforcement are two separate layers, and this integration covers the former. If inline control can be deployed, TrendAI Vision One™ AI Secure Access remains the stronger posture. The Compliance API integration is for teams that can’t and does not serve as a replacement for teams that can.

One platform businesses are already operating. Existing TrendAI Vision One™ customers get this within the console they already run. No new vendor, no new contract, no new interface to learn.

While the Compliance API integration matters, it’s worth stepping back to see where it fits in the broader challenge organizations are navigating.

Claude Enterprise is part of a larger and expanding AI footprint. Employees use additional sanctioned AI tools, engineering teams build AI applications and self-built agents, and new AI services keep appearing across cloud accounts. The same platform that gives security teams visibility into Claude usage governs the rest.

TrendAI™ helps organizations address the whole picture from a single platform.

Read More HERE