Watchtower

Watchtower is the grown-up governance idea on the board.

It is less playful than Lodge or Sundog, but the problem is real: people are already using AI tools inside companies, and a lot of that usage is invisible until something breaks.

What It Looks For

• Unmanaged AI tools.
• Data going places no one approved.
• Policies that exist only as vibes.
• Teams inventing their own workflows because the official path is too slow.

The Version That Is Useful

Watchtower should help a company see its shadow AI surface without turning into surveillance theater.

The product shape is:

• Opt-in discovery agents for workstations and CI environments.
• A dashboard showing which AI tools are in use, where, and by which teams.
• A policy engine for approved tools, data classes, retention limits, and alert thresholds.
• Compliance reports for SOC 2, ISO 27001, GDPR, and the uncomfortable internal questions that do not fit neatly in a checkbox.
• Privacy-preserving collection: tool names, versions, and usage categories, not keystrokes or source code.

It is paused for now because the enterprise version needs more care than the landing page version. The risk is real, but the tone has to be right.

The Thing I Want To Avoid

I do not want this to become hall-monitor software. The useful version helps a team see what is already happening and build safer paths that people will actually use.