Anthropic's Claude is increasingly showing up in NZ workplaces — often via Claude Enterprise rollouts or shadow use by staff. This new integration between TrendAI™ and Claude's Compliance API gives security teams a way to bring that AI activity into the same platform they already use to manage risk across endpoints, identity, cloud and email, which matters as the Privacy Act 2020 and emerging AI governance expectations put more pressure on Kiwi organisations to demonstrate control over AI usage.

What Happened

TrendAI™ has integrated Anthropic's Claude Compliance API into Trend Vision One™. The integration pulls Claude Enterprise and Claude Platform usage data — uploaded files, prompts, and activity events — into Trend Vision One™ for visibility, governance, auditing, and risk correlation. It's positioned as an extension of attack surface management rather than a standalone AI monitoring tool.

Two collection options are offered to suit different data residency and monitoring needs. Customers can run a TrendAI™ collector inside their own environment via AI Guard™, keeping compliance access keys and logs local — useful where data sovereignty is a concern. Alternatively, Claude logs can flow directly into Trend Vision One™ Security Operations via Agentic SIEM, where the telemetry is correlated with signals from endpoint, identity, network, cloud, and email.

The practical detection outcomes include surfacing sensitive data (PII, PHI, credentials, source code, confidential documents) shared with Claude and identifying which users and projects represent the highest exposure. It also flags policy violations, prompt injection attempts, jailbreak patterns, and harmful content in conversations.

By correlating AI activity with the wider attack surface, security teams can connect AI misuse to insider risk indicators and anomalous behaviour — and produce a defensible audit record of AI interactions for compliance reviews. This brings Claude into the same governance model already applied to other SaaS and identity activity, rather than treating it as a siloed IT concern.

Key Takeaways

  • Claude Enterprise and Claude Platform usage can now be ingested into Trend Vision One™ for visibility and governance.

  • Two collector options support either in-environment processing (data residency) or direct ingestion via Agentic SIEM for full XDR correlation.

  • Detections include sensitive data exposure, prompt injection, jailbreak attempts, and policy violations.

  • AI telemetry is correlated across endpoint, identity, network, cloud, and email signals — not analysed in isolation.

  • The integration generates an auditable record of AI interactions, supporting compliance obligations.

  • It fits within TrendAI™'s broader AI security portfolio alongside AI Secure Access for governing GenAI and shadow AI use.

What NZ Businesses Should Do

  1. Inventory your AI usage. Identify whether Claude (or other GenAI tools) is in use officially or as shadow IT. Use Trend Vision One™ Cyber Risk Exposure Management and AI Secure Access to discover unsanctioned tools.

  2. Decide on a data residency posture. If keeping logs onshore matters for your organisation or sector (health, government, financial services), plan for the in-environment collector via AI Guard™ rather than direct cloud ingestion.

  3. Bring AI telemetry into your SOC workflow. Feed Claude activity into Trend Vision One™ Security Operations (Agentic SIEM) so AI events are correlated with identity, endpoint, and cloud signals — not reviewed in a separate console.

  4. Define and enforce acceptable AI use. Establish written policies covering what data staff may share with GenAI tools, and configure detections for PII, credentials, and source code exposure.

  5. Build an audit trail now. Even if AI governance isn't yet a regulatory requirement for your sector, retaining a defensible record of AI interactions will support future compliance and incident investigations.

Source: Read the full article on Trend Micro News Releases