When you fill out the inventory, you’re telling SanctumShield what you know about — your declaration. Separately, if you share a destination list from your own logs, the app can show which AI services actually appear in it — the observation. The interesting part is the space between the two.
It’s the difference between a self-reported expense claim and the actual bank statement. If they match, great. If the statement shows a subscription the claim never mentioned, you’ve just found something worth knowing. In AI, that unmentioned item is usually where the real exposure sits — the tool nobody approved, touching data nobody reviewed.
To be clear about the mechanics: the “observation” isn’t SanctumShield reaching into your network — it’s the destination list you chose to export and share, read as addresses, not contents. SanctumShield puts your declaration and that list side by side and shows you the gap. Closing that gap — acknowledging what’s there, deciding whether to keep it, and writing it down — is the actual work of governance. The app just makes the gap impossible to miss.
You answer plain questions. SanctumShield turns them into proof you can show.
Go deeper: Observation over attestation