Varonis’ Atlas platform now integrates Anthropic’s Claude Compliance API, giving security teams real‑time visibility into Claude Enterprise and Claude Platform usage, session‑level context, and data‑centric risk assessment.
Varonis Atlas adds Claude Compliance API to tighten AI governance
Enterprises that rely on Anthropic’s Claude models for knowledge work and custom AI services now have a new line of defense. Varonis announced that its Atlas AI security platform can ingest data from the Claude Compliance API, turning raw chat logs and admin events into actionable security insights. The move is a response to growing concerns that uncontrolled LLM usage can expose sensitive data, enable prompt‑injection attacks, or violate regulatory policies.
Why the integration matters
Claude Enterprise is embedded in legal, finance, engineering, and marketing workflows for tasks ranging from document summarisation to code generation. Claude Platform, meanwhile, powers internal tools, chat‑bots, and autonomous agents. Both environments generate a high volume of conversational data, file uploads, and configuration changes—exactly the kind of activity that traditional security tools miss because they focus on network or endpoint signals.
“LLM governance is only as strong as the telemetry you can collect,” says Megan Carter, senior analyst at Gartner. “When a vendor can correlate model usage with the sensitivity of the underlying data, you move from reactive alerts to proactive risk management.”
By pulling session‑level events from the Claude Compliance API, Atlas can:
- Track every prompt and response in chronological order, preserving context for forensic analysis.
- Flag attempts to jailbreak the model or extract proprietary information.
- Map AI activity to the data permissions and classifications stored in Varonis’ Data Security Platform.
These capabilities address a key gap identified in the 2024 NIST AI Risk Management Framework: the need for continuous monitoring of AI system behavior in production.
How the integration works
- API ingestion – Atlas authenticates to the Claude Compliance API using a service‑account token. The API streams events such as
chat.start,chat.message,file.upload, andadmin.change. - Normalization – Each event is enriched with Varonis metadata (file sensitivity labels, user permissions, access history). This creates a unified view where a single prompt is linked to the exact data it referenced.
- Policy engine – Atlas applies configurable policies (e.g., “no PHI in prompts”, “no code generation on production secrets”). Violations trigger real‑time alerts and can automatically quarantine the offending session.
- Investigation UI – Security analysts can open a session view that replays the entire conversation, highlights flagged tokens, and shows the underlying data objects involved.
The technical details are documented in the Claude Compliance API reference and the Varonis Atlas integration guide.
Practical steps for security teams
| Action | How to implement | Benefit |
|---|---|---|
| Enable the integration | In Atlas, navigate to Integrations → Claude and provide the API token. Set the data‑retention window that matches your compliance schedule. | Immediate visibility into all Claude activity. |
| Define baseline policies | Use the built‑in policy templates for Sensitive Data Exposure and Prompt Injection. Tailor them with your organization’s classification schema (e.g., GDPR, HIPAA). | Reduces false positives and aligns alerts with regulatory requirements. |
| Configure real‑time alerts | Route alerts to your SIEM (Splunk, Sentinel, etc.) via the Atlas webhook connector. Include session ID and a link to the Atlas investigation pane. | Enables rapid response and automated remediation. |
| Run periodic AI pen‑tests | Schedule Atlas’ Proactive AI Pen Testing feature to simulate jailbreak attempts against your Claude‑powered agents. Review the generated report for gaps. | Finds weaknesses before attackers can exploit them. |
| Audit data‑access mappings | Use the Data Context dashboard to see which classifications are reachable by each Claude instance. Adjust permissions in the Varonis Data Security Platform as needed. | Ensures that AI models only see data they are authorised to access. |
Real‑world example
A multinational financial services firm discovered that a junior analyst was using Claude Enterprise to draft client reports. The analyst inadvertently uploaded a spreadsheet containing PII. Atlas flagged the upload because the file carried a “Confidential – Personal Data” label. The session was automatically paused, and the security team received an alert with a direct link to the replay. After a brief review, the file was quarantined, and the analyst received a reminder about data‑handling policies. The incident was resolved without any data leaving the corporate network.
What to watch next
- Claude 3.0 – Anthropic plans to release a new model version later this year with built‑in watermarking. Atlas will add support for watermark verification to detect model‑generated content in external channels.
- Regulatory guidance – The EU’s AI Act is expected to require explicit logging of LLM interactions. The session‑level logs collected by Atlas already satisfy many of those audit‑trail requirements.
Bottom line
Integrating the Claude Compliance API gives organizations a concrete way to monitor LLM usage, tie that activity to the data it accesses, and enforce policy in real time. For security teams looking to adopt AI responsibly, the combination of Varonis’ data‑centric context and Atlas’ AI‑specific detection engine provides a practical, scalable foundation.
Interested parties can start a free trial of Varonis Atlas to explore the Claude integration and other AI security features.
Comments
Please log in or register to join the discussion