Aona Styleguide

Internal · Design system

Aona Style Guide

Single source of truth for Aona’s design language across the marketing site and the product dashboard — tokens, primitives, components, and editorial rules in one place.

Marketing site · aona.aiProduct dashboard · dashboard.aona.ai

The design system

Six pieces wire together. Edit any of them and the rest follow.

DESIGN.mdFile
/DESIGN.md (repo root)

Written one-page guide. Voice, tokens, type, layout, buttons, status, icons, workflow.

design-tokens.tsFile
src/lib/design-tokens.ts

Single source of truth: brand colours, slate scale, status, type, layout, motion, radius, forbidden patterns.

tailwind.config.jsFile
tailwind.config.js

Tokens exposed as Tailwind classes (bg-brand-pink, text-brand-ink, ...).

editorial primitivesOn this page →
src/components/editorial/

DotPill · AccentText · PageHero · StatsBar · Timeline · CTASection · PrimaryButton + SecondaryButton.

AonaIcon setOn this page →
src/components/icons/AonaIcon.tsx

30 brand-consistent line glyphs. Replaces every generic emoji.

lint-slop.mjsOn this page →
scripts/lint-slop.mjs

Static lint with 16 named rules. Run it before shipping. CI guard rail.

Brand tokens #

Mono slate body + ONE pink accent. Anything outside this palette is a regression.

brand.pink
#F60385
brand.purple
#6412a6
brand.ink
#8918E5
brand.pillPink.bg
#fdf2f8
brand.pillPurple.bg
#f3e8ff

Slate scale #

Use these for backgrounds, borders, body text. Never hard-code other slate hexes.

page
#ffffff
surface
#f9fafb
card
#ffffff
border
#e5e7eb
text
#111827
textMuted
#4b5563
textSubtle
#6b7280

Status chips #

Light-tone tag colours for badges. Don't use bright primaries as fills. Tight uppercase tracked typography reads as a status, not just a tag.

successwarningdangerinfoneutral

SeverityBadge #

Pre-baked severity chip used inside template cards, comparison rows, and regulation cards. Maps level=critical/high/medium/low/info/neutral to the canonical status palette so red/amber/green never get rolled inline.

CriticalHighMediumLowInfoNeutralP1 — Critical

Source: src/components/editorial/SeverityBadge.tsx. Reach for this anywhere a row needs a severity tag.

Spacing scale #

Tailwind's 4px scale. Use these for padding, gaps, and margins. Don't reach for arbitrary `p-[19px]`.

p-14px
p-28px
p-312px
p-416px
p-624px
p-832px
p-1040px
p-1248px
p-1664px
p-2080px
p-2496px

Shadows #

Three shadow tones for cards and overlays. Stay away from puffy multi-layer drops.

shadow-sm
Card with shadow applied.
shadow-md
Card with shadow applied.
DashboardFrame
Card with shadow applied.

Dashboard / hero glow uses the third token: 0 30px 80px -30px rgba(40,20,80,0.22). Buttons get an inner highlight: inset 0 1px 0 rgba(255,255,255,0.18).

Z-index scale #

Five layers. Don't invent new ones inline.

z-0      base content
z-10     section content above decorations (radial glows)
z-20     sticky in-page nav (e.g. /styleguide SubNav)
z-30     site Header dropdowns
z-40     TopBanner (always above the page)
z-50     Header (fixed)

Breakpoints #

Tailwind defaults plus the custom xs (475px). Mobile-first.

xs    475px    (custom)
sm    640px
md    768px
lg    1024px
xl    1280px
2xl   1536px

Most layouts need only `sm` and `md`. Use `lg` for split-column heroes and `xl` only when you have a max-width 7xl grid.

Layout tokens #

Use these named widths so every section lines up.

maxWidthHero    max-w-4xl     // page heroes
maxWidthSection max-w-5xl    // section content
maxWidthPage    max-w-7xl    // very wide grids / footer
sectionPaddingY py-14 md:py-20
heroPaddingTop  pt-36 pb-14 md:pt-44 md:pb-24

Motion #

Two durations only. Never use hover:scale-* on CTAs.

fast  150ms
base  300ms
ease  cubic-bezier(0.32, 0.72, 0, 1)

Radius #

Pill (chips), card (rounded-2xl), cardLg (rounded-3xl), control (buttons + inputs).

pill        9999px
card        1rem
cardLg      1.5rem
control     0.75rem
hairline    0.375rem

App foundations #

Design tokens for the product dashboard — colours, spacing, shadows, typography, and interaction states. Exported from the dashboard design system.

02 · Foundations

Foundations

Tokens that everything is built from — colors, typography, spacing, radii, shadows, icons.

Brand & semantic color

Primary
#6412A6
Primary Light
#A78BFA
Primary Dark
#5B21B6
Primary Bg
#F2E8FA
Brand Gradient
#F60385 → #8918E5
Accent Pink
#E50794
Sidebar
#19042A
Sidebar FG
#F2E8FA

Semantic & chart

Success / chart-1
#2A9D90
Error
#DC2626
Warning
#F97316
Info
#2563EB
Chart Orange
#F4A462
Chart Pink
#E50794
Chart Purple
#6412A6
Chart LineArea
rgba(167,139,250,0.2)

Neutrals

White
#FFFFFF
BG
#FAFAFA
Muted
#F4F4F5
Border
#E4E4E7
Muted FG
#A1A1AA
Secondary
#71717A
FG
#3F3F46
Heading
#09090B

Typography — Manrope

Display · 48 / 52 · Bold
The quick brown fox
H1 · 32 / 36 · Semibold
Build safer AI adoption
H2 · 24 / 24 · Semibold · −0.4px
Section heading
H3 · 18 / 24 · Semibold
Card title
Body · 14 / 20 · Regular
Aona helps organizations see, secure, and scale their AI adoption.
Small · 12 / 16 · Medium
Metadata and supporting labels
Eyebrow · 14 · Extrabold · 0.1em · UPPER (metric card titles)
ADOPTION
Code · JetBrains Mono
const color = "#6412A6";

Spacing (4px base)

1 · 4px
2 · 8px
3 · 12px
4 · 16px
6 · 24px
8 · 32px
12 · 48px
16 · 64px

Radii & shadows

sm · 2px
md · 6px
lg · 8px
full
sm
md
lg

Iconography — Lucide · 16 / 20 / 24 · 2px stroke

Sidebar & domain icons
Aperture
ShieldEllipsis
FileText
FileStack
FileLock
MessageSquare
Network
UsersRound
Activity
BookOpen
Trophy
GraduationCap
Settings
CreditCard
Building2
LogOut
Actions & states
Search
Plus
Edit
Pencil
Trash2
Copy
Download
Upload
RefreshCw
Filter
Eye
EyeOff
ExternalLink
MoreVertical
GripVertical
Check
CheckCircle2
XCircle
AlertTriangle
AlertCircle
Info
HelpCircle
Ban
Lock
TrendingUp
TrendingDown
Sparkles
ShieldCheck
Clock
Mail

Typography #

Manrope across the entire site. Weights below are loaded; the rest aren't.

Aona governs every AI tool your workforce uses.Light · 300
Aona governs every AI tool your workforce uses.Regular · 400
Aona governs every AI tool your workforce uses.Medium · 500
Aona governs every AI tool your workforce uses.Semibold · 600
Aona governs every AI tool your workforce uses.Bold · 700
Aona governs every AI tool your workforce uses.Extrabold · 800
/* tailwind.config.js */
fontFamily: {
  sans: ["Manrope", "ui-sans-serif", "system-ui", ...],
}

/* usage */
className="font-bold"          // 700
className="font-extrabold"     // 800

Type scale (samples) #

Live samples of the type scale at every step.

Display · 60

Heading 1 · 48

Heading 2 · 36

Heading 3 · 24

Heading 4 · 20

Body 16 · the lazy fox jumps over the slate hairline. Aona governs every AI tool your workforce uses.

EYEBROW · 11 small caps

AonaIcon set #

One icon vocabulary for the site. Replaces every generic emoji. Inherits currentColor.

check
check-circle
x
x-circle
warning
info
bell
clipboard
chart
trend-up
shield
spark
scale
bank
building
document
lock
eye
bolt
flag
sparkle-star
unlock
database
wrench
upload
pencil
syringe
stairs
users
tag

Decorative SVGs #

Brand-purple gradient illustrations for governance pillars and template categories. PNG-fill, not currentColor.

governance-discoverydiscovery
governance-policypolicy
governance-riskrisk
governance-controlscontrols
governance-monitoringmonitoring
governance-compliancecompliance
governance-enablementenablement
governance-maturitymaturity

More in public/images/icons/ (template-*, industry icons). All use the canonical #8B5CF6 → #6412A6 gradient.

App brand #

Logo, wordmark, and gradient treatments as used inside the product dashboard.

01 · Brand

Brand identity

Logo, wordmark, and how to apply them across surfaces.

Aona wordmark
Primary · on Light
Aona
Dark · Sidebar
Gradient · Marketing

Do

  • Maintain clear space equal to the icon height
  • Use the gradient only on dark or neutral backgrounds
  • Use flat #19042A on sidebar & navigational chrome

Don't

  • Rotate, skew, or recolor the mark
  • Place on low-contrast or busy imagery
  • Add drop shadows or outer glows

Header #

The marketing-site header. Theme-aware: light pages get the slate logo + dark nav text, dark pages get the inverse. Responsive: hover dropdowns for Solutions / Resources / Compliance on desktop, hamburger drawer on mobile.

Header · light theme
Book a demo

Source: src/components/shared/Header.tsx. Pass isLightTheme={true} on light pages.

TopBanner #

Promo strip pinned to the very top of every marketing page. Auto-hides as the user scrolls past 40px.

TopBanner · pinned strip
90 Days Gen AI Risk Trial -Start Now

Source: src/components/shared/TopBanner.tsx.

MobileNavigation #

Drawer-based mobile menu (Framer Motion AnimatePresence), rendered automatically by Header on small viewports — open aona.ai on a phone to try it.

src/components/shared/MobileNavigation.tsxFile

Rendered by Header below 768px. Slide-in drawer with grouped links, framer-motion AnimatePresence enter/exit.

Buttons #

Solid purple primary. White-bordered secondary. No hover:scale.

Book a demoBook a demo · lgSee the productSee the product · lg

BookDemoButton #

The canonical pill-shaped Book a demo CTA used in the site Header and across hero sections. Same fill as PrimaryButton, but rounded-full + arrow-up-right glyph. Lives in src/components/shared/BookDemoButton.tsx.

Book a demo

LearnMoreButton #

Secondary text+arrow link used after a primary CTA. Two variants: standard (purple) and hero (white on dark).

Learn More
Learn More

Source: src/components/shared/LearnMoreButton.tsx.

CallToActionArea #

Hero-style closing CTA used on /home. Dark slate panel + brand-pink heading accent + dashboard illustration on the right.

Ready to transform your workforce with responsible AI?

Boost productivity with safe, trusted AI.

Book a demo

Source: src/components/shared/CallToActionArea.tsx. Self-contained — customise copy by editing the source.

Templates download banner #

Compact dark banner for bundled-download CTAs on /resources/templates. Shows file count + email capture.

Download the full security and GRC library. Every template in one ZIP.

Source: src/components/templates/AllTemplatesDownloadBannerCompact.tsx. A larger AllTemplatesDownloadBannerFull variant exists for the templates hub.

App core components #

Buttons, badges, cards, inputs, lists, tabs, dropdowns, avatars, and toasts as used inside the product dashboard.

03 · Components

Components

Every component here maps 1:1 to a React component in src/components/ui.

Buttons · button.tsx

Variants
Sizes
With icon
States

Badges · badge.tsx

Grey Primary Success Warning Error Template

Inputs & form fields · input · textarea · select · checkbox · switch · label · progress · slider

ISO 42001

Must be a valid email.

Remember me
Subscribe to updates
Enable notifications
Auto-sync disabled

Cards · card.tsx · default + 5 colored variants

Default

Basic card

Used for most content containers across the dashboard.

ADOPTION
78%
+10%

of employees using AI

COMPLIANT USERS
942
+23

passed all checks

HIGH-RISK PROMPTS
18
+4

require review

CONVERSATIONS
12.4k
3%

in the last 30 days

PENDING REVIEWS
27
+6

awaiting approval

How we calculate adoption

Users who had at least one tracked AI conversation in the selected window, divided by total active users.

Average session time
14m 22s
+8% vs last month

Avatars · avatar.tsx · UserAvatar

BC
JD
MK
AR
LE
A
B
C
+4

Platform logos · PlatformLogo.tsx

ChatGPT
Copilot
Gemini
Deepseek
Text fallback

Navigation · breadcrumb · tabs · separator · navigation-menu

Breadcrumb
Tabs (underline)
Segmented tabs

Table · table.tsx · table-pagination.tsx

Top AI platforms

Usage across the organization in the last 30 days

 Platform Users Conversations Status Last activity Trend
ChatGPT
 642 5,820 Active 2 min ago 12%
Claude
 418 4,310 Active 11 min ago 24%
Gemini
 287 2,091 Monitoring 1 h ago 3%
Microsoft Copilot
 198 1,477 Pilot 3 h ago 8%
Deepseek
 94 708 Unsanctioned yesterday 14%
Showing 1–5 of 24

HeroBackdrop #

Dark canvas used on /home. Near-black base with a purple + pink radial gradient pair, a 48px grid masked to the centre, and small brand-coloured dots that travel along grid lines like data packets. Place hero copy + DashboardFrame on top.

Workforce AI Security Platform

See and govern AI tools and agents

Discover every AI tool and every agent across your company.

Base: #0b0118 with two radial hotspots — purple rgba(137,24,229,0.35) at 30%/20% and pink rgba(246,3,133,0.30) at 75%/80%.

Grid: 48px lattice at rgba(255,255,255,0.04), faded out toward edges with a radial mask so it never reads as wallpaper.

Dots: 6px brand-pink/purple dots with a soft box-shadow glow. Lanes snap to multiples of 48px so each dot rides a grid line. Linear keyframes move them off-screen with fade-in/out at the edges; durations and delays are coprime so the field never resyncs. prefers-reduced-motion disables them.

Source: src/components/home/HeroOption23.tsx. Import and adapt for any other dark hero.

DotPill (eyebrow) #

Tight pill with an accent dot. Pink is the editorial default for sub-pages; purple matches /home + /product.

Pink (default — solutions, compliance, templates)

For Business Leaders
ISO 42001 Compliance
Open Source Framework

Purple (use on home / product surfaces)

Workforce AI Security Platform
Aona for Security

AccentText #

Pink → purple gradient clip-text. ONE phrase per hero h1, never on stats or buttons.

Turn AI from a Risk into a Competitive Edge

TrustRow #

Inline trust signals beneath a hero CTA. Green check + small slate copy.

SOC 2 Type II5,612 AI tools trackedGovern OpenClaw and Claude Code agents

DashboardFrame #

Wrap a product screenshot in the hairline-bordered frame with a soft purple glow + optional live badge. Matches /home.

Aona dashboard previewlive

MarqueeStrip #

Bottom-of-hero infinite marquee. Use to show breadth ('5,600+ AI tools monitored').

ChatGPTCopilotGeminiClaudeMidjourneyPerplexityRunwayGrokSoraLLaMAMistralStable DiffusionDALL-EWhisperElevenLabsPikaSynthesiaCursorChatGPTCopilotGeminiClaudeMidjourneyPerplexityRunwayGrokSoraLLaMAMistralStable DiffusionDALL-EWhisperElevenLabsPikaSynthesiaCursor

PageSection #

The canonical body-section wrapper. Locks vertical rhythm (py-14 md:py-20), max-width (default max-w-5xl), horizontal padding, and the eyebrow + heading + intro paragraph rhythm. Reach for this anywhere a page needs a content section. Don't roll your own <section className='py-...'>.

How it works

Discover. Govern. Protect.

One platform handles every phase of the AI lifecycle. Stop assembling a tool stack — Aona ships discovery, policy, and runtime enforcement in a single light-weight install.

Body content goes here. Use CardGrid, TwoColumn, or arbitrary children.

Surfaces: white (default), gray, lavender, lavenderStripe.

Widths: narrow (max-w-3xl, 768px), default (max-w-5xl, 1024px), wide (max-w-content, 1263px), full (max-w-content, 1263px). The wide/full tracks line up exactly with PageHero, StatsBar, and CTASection so card grids align with the hero card edges.

Densities: compact (py-10 md:py-14), default (py-14 md:py-20), spacious (py-16 md:py-24).

Source: src/components/editorial/PageSection.tsx.

TwoColumn #

Even (or 5/4) two-column split. Use inside a PageSection for 'text left, visual right' rows. Locks the gap, vertical alignment, and stacking order.

Live demo

Real-time prompt inspection

Aona inspects every prompt inline and redacts or blocks sensitive content before it leaves your environment. No round-trip to a model provider with PII attached.

  • Inline DLP at the prompt layer
  • Per-tool, per-user policy
  • Audit trail for every redaction
Visual / DashboardFrame goes here

Ratios: even (default), text-heavy (5/4), visual-heavy (4/5). Pass reverse to flip on desktop. Source: src/components/editorial/TwoColumn.tsx.

CardGrid #

Responsive card grid that locks columns and gap so every grid on the site reads the same. Pair with FeatureCard, or pass arbitrary cards as children.

Discover

Inventory every AI tool in use across browsers, desktops, and APIs.

Govern

Set per-tool, per-user policies and require approvals where it matters.

Protect

Inspect and redact prompts inline. Block exfiltration before it leaves the browser.

Columns: 2 | 3 | 4. Gaps: tight | default | loose. Source: src/components/editorial/CardGrid.tsx.

FeatureCard #

The canonical card cell used inside CardGrid. Locks fill, hairline border, hover treatment, and rounded-2xl radius.

With icon + body

Standard variant — small icon tile, slate heading, muted body.

Title only

Drop the icon for a tighter card. Use when the row is information-dense.

With footer

Add a footer for metadata or a secondary action.

Read more →

With severity

High

TemplateCard #

The card used on /resources/templates and any 'downloadable resource' grid. Per-category accent stripe across the top, soft halo on hover, accent-tinted icon tile + category label, brand-pink-style check bullets on the Includes list, and a primary download + secondary Details action row. Pass `accent` to colour the stripe / icon tile / category label per category.

PolicyDOCX · Free

AI Acceptable Use Policy

Eight-page template covering approved tools, prohibited data classes, escalation paths, and audit logging. Customise in 30 minutes; deploy via your existing AUP rollout.

Includes

  • Approved + restricted tool lists
  • Data-class handling matrix
  • Incident reporting workflow
  • Manager sign-off block
  • +1 more
Download DOCXDetails
AssessmentXLSX · Free

AI Vendor Evaluation Scorecard

Score third-party AI vendors against 32 weighted criteria across security, privacy, governance, and operational maturity.

Includes

  • 32 weighted scoring criteria
  • SOC 2 / ISO 27001 / ISO 42001 mapping
  • Training opt-out matrix
  • Risk tier auto-classification
Download XLSXDetails
Incident ResponseDOCX · Free

AI Incident Response Playbook

Twelve-section playbook covering severity classification, containment, investigation, communication, remediation, and post-incident review for AI-related events.

Includes

  • Severity matrix (P1 / P2 / P3)
  • Containment + investigation runbooks
  • Stakeholder comms templates
  • Post-incident review structure
  • +1 more
Download DOCXDetails

Source: src/components/editorial/TemplateCard.tsx. Per-category accents on /resources/templates: Policy #9333ea, Assessment #10b981, Incident Response #ef4444, Framework #3b82f6, Checklist #f59e0b, Compliance #6366f1, Training #14b8a6, Discovery #0ea5e9, Risk Management #f43f5e, Legal #475569, Documentation #c026d3. Pass downloadHref for the primary download link, or omit it to render a "View" button to the detail page instead.

FAQSection #

Convenience wrapper that combines PageSection + FAQ. Use for the 'Common questions' section that lives near the bottom of every page. Centered narrow column, gray surface by default.

FAQ

Common questions

Every AI tool your workforce uses — browsers, desktops, APIs. 5,000+ tracked.

Source: src/components/editorial/FAQSection.tsx.

Stats bar #

Slate numbers, small-caps labels. No tier colours.

0+
AI tools detected
< 0 min
to deploy
0×
faster AI adoption
ISO 0
aligned

QuickStatGrid #

Inline 2×4 mini-stat row used inside hero sections on stats pages. Smaller than StatsBar — no surface, just the cards.

75%
Employees use unsanctioned AI
158+
Shadow AI tools per enterprise
$6.5M
Avg breach cost linked to AI
60%
Organisations with no AI policy

MetricCard #

KPI card with optional trend indicator (up/down/neutral) and coloured left border. Used in dashboard previews.

AI tools detected
5,612
+312
Policy violations
84
−18%
Coaching events
1,204

Source: src/components/shared/MetricCard.tsx.

PlatformCard #

Adoption card with animated count-up. Use for AI-tool growth metrics.

ChatGPT

0%

1,204 users

+9%
ChatGPT

Microsoft Copilot

0%

612 users

+24%
Copilot

Gemini

0%

220 users

+3%
Gemini

UpdateBadge #

Tiny pill above stats hero with a pulsing dot. 'Updated Q1 2026 · 30 stats'.

30 statistics, Updated 2026

AnimatedCounter #

Count-up animation for hero stats. Eases from 0 to target over 2s when scrolled into view.

0+
AI tools detected this quarter

Pattern lives inline on stats pages (useCountUp hook). Promote to a primitive when reused 3+ times.

App data viz #

Charts, heatmaps, calendars, and tables from the product dashboard.

05 · Data visualization

Charts & data

Consistent chart palette powered by Recharts. Canonical order: purple → green → orange → pink, with area fills at 20% opacity.

Palette (always this order)
Purple · #6412A6
Green · #2A9D90
Orange · #F4A462
Pink · #E50794
Violet · #A78BFA
Gray · #6B7280
Trend

AI conversations over time

Volume of prompts classified

30 days
6k4k2k0
Multi-line

Platform adoption trends

Share of conversations per platform

ChatGPT Claude Gemini Perplexity
Distribution

Usage by department

6004002000 EngSalesMktOpsHRLegal
Ranking

Top use cases by frequency

Drafting emails1,842
Code review1,520
Data analysis1,124
Customer support892
Brainstorming674
Composition

Risk levels over months

Stacked by risk category

JanFebMarAprMayJun
Low Medium High
Comparison

Before vs after guardrails

Q1Q2Q3Q4Q5
Before After
Share

Top AI platforms

12.4k
total
ChatGPT 42% Claude 28% Gemini 18% Others 12%
Risk

Risk distribution

Low 74% Med 19% High 7%
Goal

Adoption goal

78 of 100%

78%
adoption

Sparklines & stat cards

ChatGPT
5.8k
+12%
Claude
4.3k
+24%
Gemini
2.1k
−3%
Others
708
−14%
Heatmap

Activity by day & hour

Last 7 days · darker = more activity

Less More
Scatter

Users by tokens vs conversations

Power users Regular
Coverage

Framework compliance

ISO 4200192%
SOC 278%
NIST AI RMF61%
EU AI Act34%
Onboarding funnel

Training completion

Invited · 1,240
Started · 1,042
Watched video · 893
Passed quiz · 756
Accepted policy · 521

Department breakdown

DataTable with sparklines and trend indicators

DepartmentUsersAdoptionTrendCompliance
Engineering124
92%
 Compliant
Sales86
74%
 Compliant
Marketing54
58%
 Review
Legal12
31%
 Blocked

Security metrics grid · SecurityMetricsGrid

FLAGGED
1,284

total events

COMPLIANT
942

73% of total

REDACTED
324

25% of total

BLOCKED
18

require review

Timeline #

Numbered steps, all on the left, single column. Dark slate step circles, soft pink line, pink highlight per row. Use for 'How it works' explainers.

1

Discover every AI tool in use

Browser layer + network signals reveal every sanctioned and shadow AI tool across your workforce.
5,000+ AI tools in our detection library
2

Set policies that hold up at runtime

Block, redact, or coach in real time. No VPN, no agents, no rip-and-replace.
Prompt-level interception, not endpoint monitoring
3

Prove control with one report

Audit-ready logs of tool usage, policy actions, and data classification outcomes.
ISO 42001 + SOC 2 evidence in one click

RegulationTimeline #

Date-anchored alternating timeline used on /compliance to track regulation milestones. Brand pink → purple vertical spine, purple date labels, alternating left/right cards. Use for any 'milestones / deadlines' rail.

May 2018
GDPR
EU data protection law applies
Jan 2023
NIST AI RMF
US risk framework released
Dec 2023
ISO 42001
AI management standard published
Aug 2024
EU AI Act
Enters into force
Feb 2025
EU AI Act
Prohibited practices ban
Aug 2026
EU AI Act
High-risk obligations apply

Source: src/components/editorial/RegulationTimeline.tsx. Distinct from Timeline: that one is the numbered-steps "how it works" pattern; this one is date-anchored milestones.

Cards #

Three card flavours used across the site. All use white bg + gray-200 border + slate text.

Editorial card

Default card for feature grids on Solutions and Compliance pages.

Top-accent card

Pattern from TemplatesPageClient — coloured 3px accent line on top.

Hover-lift card

Used for clickable cards (`href` Link). Translates -1px on hover, no scale.

StepCard #

Numbered process step (01/02/03) used on /solutions and /governance 'How it works' grids. Bigger than a Timeline row.

01

Discover

Scan every browser, app, and integration. Auto-detect 5,000+ AI tools.

02

Govern

Set policy by team and data type. Enforce in real time.

03

Audit

Generate compliance reports automatically. SOC 2, ISO 42001 ready.

PillarCard #

Governance framework pillar (PILLAR 01 + icon + title + body + 'Read pillar →' link). Icon sits flush on the card — no tinted tile around it.

PILLAR 01

Discovery & Inventory

Identify and catalog every AI system, tool, and application across your organisation.

Read the pillar →

RiskTierCard #

EU-AI-Act-style tier card. Coloured left bar + tier label + description + 2-column Examples / Obligations.

Unacceptable
Examples
  • Social scoring by governments
  • Real-time biometric ID in public
Obligations
  • Banned outright
  • No exceptions for commercial use
High risk
Examples
  • Hiring & employment tools
  • Critical infrastructure
Obligations
  • Risk management system
  • Human oversight
  • Conformity assessment
Limited risk
Examples
  • Chatbots
  • Generative AI content
Obligations
  • Transparency notice
  • Disclose AI-generated content

AdvantagesGrid #

Bulleted feature list. Flat pink-tinted square check tile, not a gradient circle — Linear/Vanta editorial feel.

  • Detect every AI tool, sanctioned or not, across your workforce
  • Block prompt-level data leakage in real time
  • Coach employees in the moment instead of after the incident
  • Pre-built evidence for SOC 2, ISO 42001, and the EU AI Act

FeatureMatrix (Aona vs X) #

Three-column comparison table. Aona column gets a pink left-accent + tinted bg so it reads as the protagonist. Rows zebra-stripe and group under category headers. Hover highlights a row.

CapabilityAonaCompetitor
Detection
AI tool discovery (5,000+)
Browser-layer enforcement, no agents
Real-time prompt inspection
Compliance
EU AI Act evidence, automated
SOC 2 audit-ready logs
ISO 42001 controls library
Workflow
Native SIEM integration (Splunk / Sentinel)
Real-time employee coaching

ComparisonStickyBar #

Floating bottom bar that appears after 500px scroll on /resources/comparisons/aona-vs-* pages. White bg, hairline top border, 'Comparing AI governance tools?' + Start Trial / Book a demo.

Start trial

Live behaviour: appears after 500px scroll on a comparison page, fixed to the viewport bottom, hides near footer.

OurPickBadge #

Brand-pink emphasis used on the comparisons hub to mark the Aona row as the recommended pick. Uppercase, tight tracking, white text on pink fill — distinctly different from the slate severity chips so users read it as a brand recommendation, not a status.

#1
Aona AI
Our pick

Use sparingly — at most one row per comparison list.

Source: src/components/editorial/OurPickBadge.tsx.

CTASection #

Closing CTA pattern. Default is a centered lavender card with soft pink + purple decorative glows, an editorial heading rhythm, and an optional trust strip. Pass `title={[prefix, accent]}` for split-color heading. Pass `media={...}` to switch to the 2-column split layout with a screenshot or illustration on the right — only when you have a real visual.

Default — centered, split-color heading + trust strip
Get started

Ready to govern AIwithout slowing it down?

Aona deploys in under five minutes via your MDM. Run a free 90-day trial across every AI tool your workforce uses.

Book a demoSee the product
No credit card required · Deploy in under 24 hours · Cancel anytime
Plain title — no AccentText split, no trust strip

Ready to write your own case study?

Join enterprises across financial services, healthcare, and legal who use Aona to govern AI.

Book a demoExplore features
With media — 2-column split
Beyond templates

Need more than a downloadable template?

Templates are a great start. Aona adds the runtime enforcement that catches the prompt that just left the browser.

Book a demoStart free trial
Screenshot / illustration goes here

DefinitionBox #

Inline definition callout. Pink left-bar makes it read as a callout, not a generic gray card.

Definition

Shadow AI refers to AI tools and applications employees use without IT knowledge or approval. It is the AI-era evolution of shadow IT, a growing governance blind spot affecting 9 in 10 enterprises worldwide.

AuthorByline #

Avatar + name + role + date row. Used on /authors/[slug] and template detail pages.

BC
Bastien Cabirou
Co-Founder & CEO · Updated 27 March 2026 · 10 min read

FAQ accordion #

Click to expand; only one open at a time. Slate-bordered card, plus icon rotates 45deg.

Every AI tool your workforce uses across browsers, desktops, and APIs. 5,000+ tools tracked.

Breadcrumb #

Subtle breadcrumb above the h1 on detail pages.

Form inputs #

Email capture + standard input. Pink focus ring matches the brand accent.

No spam. Unsubscribe anytime.

Subscribe widget (3 variants) #

RegulationSubscribeWidget — banner / inline / compact. Reused on /compliance and resources hubs.

variant="banner"
Regulation Updates

Stay Ahead of AI Regulations

Get notified when new AI regulations are introduced or updated. Join 500+ compliance professionals.

variant="inline"
Regulation Updates

Stay Ahead of AI Regulations

Get notified when new AI regulations are introduced or updated. Join 500+ compliance professionals.

variant="compact"

SuccessPopup #

Modal confirmation after form submit. Auto-dismisses after a configurable delay. Used by demo / trial / contact flows.

Auto-closes after 5s. Click outside or the × to dismiss.

ExitIntentPopup #

Captures email when the user moves their cursor toward the browser chrome. Session-storage gates re-show. Static preview below — the real popup self-triggers and shouldn't be opened manually.

Wait!

Get the AI Governance Buyer's Guide before you go

A 10-page PDF comparing the major Workforce AI Security platforms by feature, price, and deployment time.

No spam. Unsubscribe anytime.

Source: src/components/shared/ExitIntentPopup.tsx. Already wired site-wide. Don't tune the trigger threshold inline.

Sections · Features & product UI #

Marketing-site section templates from the Section Lab exploration. Each card is a full-width band designed for aona.ai pages — drop-in layout, copy and motion patterns.

01Bento capability gridFeatures · hero cell with live product UI
Platform

One control plane for every AI tool your workforce touches

Shadow AI Discovery

See every tool in 24 hours

A complete, real-time inventory of AI usage — who’s using what, how often, and what data flows through. 5,000+ tools in the detection library.

Prompt-level DLP

Stop leaks before they leave the browser

Inspect prompts in real time. Block or redact PII, source code, and credentials before they reach third-party models.

AI Coach

Coach employees at the moment of risk

Heads up — this looks like customer data. Try the approved workspace instead, or redact names before sending.
Policy Guardrails

Block, warn, redact, or log

Per team, per tool, per data type — enforced in real time without breaking workflows.

Integrations

Feeds your existing stack

SplunkSentinelOktaAzure ADWorkspace
Compliance

Board-ready reporting

Usage mapped against ISO 42001, the EU AI Act, and internal policy. One-click reports.

02Editorial numbered indexFeatures · table-of-contents, huge numerals

What Aona does

04 capabilities · one platform
01 Discover every AI tool in use Browser-layer discovery maps approved and shadow AI across the org — no network changes, live within 24 hours. 02 Stop data leaking into prompts AI-native DLP inspects prompts and responses in real time, redacting PII, source code, credentials, and IP. 03 Enforce policy without friction Guardrails per team, tool, and data type — block, warn, redact, or escalate, without creating shadow workarounds. 04 Turn governance into adoption The AI Coach guides employees in the flow of work, so safe usage becomes the fast path — not the blocked one.
03Sticky split scrollerFeatures · pinned headline, scrolling cards
For security teams

Close the gaps your existing tools can’t reach

Your SIEM, CASB, and SSO weren’t designed for AI-native threats. Aona is — and it plugs straight into the stack you already run.

Book a demo
/ 01

Shadow AI detection

Detect and inventory every AI tool in use — browser extensions, desktop apps, API integrations, embedded AI features — with real-time alerts on unapproved tools.

5,000+ tools in the detection library, updated weekly
/ 02

DLP built for AI interactions

Inspect prompts and responses in real time, classify data sensitivity, and block or redact PII, source code, credentials, and IP before it reaches third-party models.

Prompt-level interception — not just endpoint monitoring
/ 03

Granular guardrails

Define policies per team, tool, data type, and sensitivity level. Enforce in real time — block, warn, redact, log, or escalate — without disrupting workflows.

Guardrails that don’t create shadow workarounds
/ 04

SIEM & identity integrations

Push AI security events into Splunk or Microsoft Sentinel. Integrate Okta, Azure AD, and Google Workspace for identity-aware policies.

Splunk · Sentinel · Okta · Azure AD · Google Workspace
04Dark capability stripFeatures · plum band, gradient keyline, stats
Why Aona

Visibility traditional tools can’t give you

See the platform →
24 HRS

To a full AI map

A lightweight browser extension deploys via your MDM. Complete usage map within a day.

5,000+

Tools detected

Detection library covering chatbots, copilots, agents, and embedded AI — updated weekly.

3×

Faster adoption

Approve trusted tools, block risky ones, coach users in real time — with 90% less risk.

7

Data residency regions

SOC 2 Type II certified, with residency options across seven regions worldwide.

08Dashboard showcaseProduct UI · browser frame, floating alerts
The platform

Your AI estate, on one screen

Every tool, every user, every policy event — aggregated at the browser layer, where all employee AI activity is actually visible.

Policy triggered

Source code detected in a prompt to an unapproved tool. Redacted & logged.

New tool approved

Claude for Enterprise added to the approved registry for Engineering.

app.aona.ai/dashboard
Aona
Overview
Discovery
Policies
Alerts
Reports

AI Usage Overview

Active AI tools
147
▲ 12 new this week
Policy events
1,082
▼ 18% vs last week
Coached users
642
▲ 9% adoption
Prompts by department
09Three overlapping panelsProduct UI · discover, enforce, coach
How it fits together

Discover. Enforce. Coach.

1 · Discovery
Every AI tool, ranked by risk
ChatGPTLOW
GeminiLOW
DeepSeekHIGH
008 AgentHIGH
5factsMED
2 · Policy
Guardrails per team and data type
Block credentials → all tools
Redact PII → unapproved tools
Warn on source code → Eng
Log file uploads → Finance
3 · Coach
Guidance at the moment of risk
Summarise this contract for ACME CORP covering renewal terms…
Aona Coach: Client name redacted automatically. Tip — the approved Claude workspace keeps contract data in-region.
10Redaction demoProduct UI · animated prompt interception
Prompt-level DLP

Watch a leak not happen

An employee pastes customer data into a chatbot. Aona classifies it mid-keystroke, redacts what shouldn’t leave, and explains why — all before submit.

TYPE CLASSIFY REDACT COACH
chat.openai.com — composing promptaona extension · active
A 2 items redacted before send. Card number and email replaced with placeholders. Your prompt still works — the data just stays home.
30Live event feedProduct UI · animated audit-trail terminal
Audit trail

Every interaction, logged with full context

User, tool, data classification, policy action, timestamp. The evidence your auditors ask for — produced as a side effect of protection.

Explore the event schema
aona://events — all teamsSTREAMING
33Zigzag vignettesFeatures · alternating copy / UI rows
GUARDRAILS / 01

Coaching beats blocking

A hard block teaches employees to switch to a personal device. A well-timed nudge teaches them the safe path — and keeps the interaction inside your visibility.

AONA COACH

This prompt contains what looks like an unreleased product name. The approved Claude workspace keeps it under NDA-grade controls — switch over?

MEASUREMENT / 02

Adoption is a metric, not a vibe

Track safe-usage rates per team. Watch coached employees graduate from risky patterns. Show the board the line going the right way.

SAFE USAGE · ENGINEERING92%
SAFE USAGE · SALES78%
SAFE USAGE · FINANCE96%
39Board report mockupProduct UI · A4 pages fanned on plum
Reporting

The deck your board meeting was missing

Quarterly AI governance reports generate themselves — posture, trends, incidents prevented, and framework coverage, formatted for people who don’t log into dashboards.

See a sample report
40Policy builderProduct UI · plain-language if/then rule
Policy engine

Policies you can read aloud

No regex, no rule trees. Guardrails are sentences — every underlined part is a dropdown.

When anyone in Finance sends customer PII to any unapproved tool, then redact it, coach the user, and log to Splunk.
simulated against last 30 days → would have caught 214 events Activate policy
52Command paletteProduct UI · animated admin actions
Admin experience

Govern 5,000 tools without leaving the keyboard

Every tool, user, and policy is one ⌘K away.

⌘K
DeepSeek — view usageUNAPPROVED41 users · 3 teams
Block DeepSeek for all teamspolicy action
Redact PII → DeepSeek onlypolicy action
Export DeepSeek events to Splunkintegration
Notify the 41 users of policy changecoach
74Prompt anatomyDiagram · a prompt dissected
Fig. 1

Anatomy of an ordinary prompt

PLATE I — OBSERVED IN PRODUCTION, 09:12 TUESDAY

TASK · SAFERewrite this onboarding doc for PII · REDACTMeridian Health, include the IP · REDACTQ3 pricing matrix, and make it sound urgent because CONTEXT · COACHlegal hasn’t approved it yet.”

SAFE TASKpasses through untouched — work continues
PIIclient name replaced with a placeholder
IPpricing data never reaches the model
CONTEXT RISKcoach suggests waiting for legal — logged
134Shadow org chartDiscovery · the AI workforce you never hired
Headcount review

Meet the workforce you never hired

Every team has unofficial AI “staff” now. They don’t show up in the HRIS — they show up in Aona.

Head of Sales
HUMAN · ON PAYROLL
AE team × 12
HUMAN · ON PAYROLL
UNVETTED
“Proposal GPT”
AI · WRITES ALL PROPOSALS
UNVETTED
Call-notes bot
AI · HEARS EVERY DEAL
UNVETTED
Email rewriter
AI · READS CLIENT THREADS
Sales ops
HUMAN · ON PAYROLL
UNVETTED
Pricing helper
AI · KNOWS YOUR FLOOR
org chart, as discovered by Aona · 4 AI workers in one department, 0 in any system of record

Sections · Stats & data viz #

Marketing-site section templates from the Section Lab exploration. Each card is a full-width band designed for aona.ai pages — drop-in layout, copy and motion patterns.

05Oversized stat wallStats · editorial numerals, cited captions

The shadow AI problem

field data · 2024–2026
55%

are already using unapproved AI

of employees use AI tools that were never approved by IT or security.

— Salesforce, Workforce Research
48%

have pasted confidential data

of employees have entered non-public company information into generative AI tools.

— Cisco, Privacy Benchmark Study
0

logs in your SIEM about it

AI tool usage doesn’t generate the events your existing stack was built to collect.

— the reason Aona exists
06Claim + chart splitStats · one argument, one chart
Visibility

Blocked tools don’t disappear. They go dark.

Orgs that ban AI tools see usage move to personal devices and unmanaged accounts. Orgs that govern it see shadow usage collapse — because the safe path is also the easy one.

Read the methodology
Shadow AI prompts / week Ban policyAona guardrails
WK 1WK 4WK 8WK 12
07Live ticker stripStats · dark band, counting numbers
Prompts scanned today0LIVE
Leaks prevented0LIVE
Shadow tools flagged0LIVE
Median time to visibility0 HRSSLA
35Colossal statStats · one number owns the section
OF AI USE AT WORK IS INVISIBLE TO SECURITY
78%

Most employee AI activity happens in the browser, over encrypted sessions your network tooling reads as ordinary web traffic.

— composite of industry shadow-AI studies, 2024–2026 · replace with your own telemetry
37Small multiplesStats · four sparkline trend cards

The first 90 days, in four lines

median across customer rollouts
Shadow AI usage
▼ 74%
falling — that’s the point
Approved tool adoption
▲ 3.1×
rising — safe path wins
Leaks caught / week
▼ 61%
coaching changes behaviour
Coaching acceptance
87%
nudges, not roadblocks
98Heatmap calendarData visual · a year of AI usage
The commit history of adoption

AI usage, like code, has a contribution graph

Once usage is governed, you can finally chart it honestly: adoption deepening week by week, with risk events fading instead of multiplying.

See your year
JUL 2025 → JUN 2026 · one cell = one workday LESS MORE
119ConstellationData visual · scattered tools form a picture
Night sky, annotated

Scattered points become a constellation

Before discovery, your AI tools are random stars — you know a few names, not the shape. Mapping them reveals the figure that was always there: your org’s actual AI workflow.

Chart your sky
CHATGPT COPILOT CLAUDE GEMINI CURSOR PERPLEXITY NOTION AI CONSTELLATION: “THE WORKFLOW” · FIRST CHARTED: 24 HRS AFTER DEPLOY

Sections · Animated & interactive #

Marketing-site section templates from the Section Lab exploration. Each card is a full-width band designed for aona.ai pages — drop-in layout, copy and motion patterns.

75Curtain sliderInteractive · drag raw vs protected prompt
Drag the line

Same prompt. One crossed the line raw.

Summarise the attached churn report for Meridian Health, focusing on the $840k renewal and Sarah Chen’s pricing objections.WITHOUT AONA — AS SENT
Summarise the attached churn report for CLIENT_01, focusing on the AMOUNT_01 renewal and CONTACT_01’s pricing objections.WITH AONA — AS SENT
77SeismographAnimated · the needle never sleeps
Continuous monitoring

AI activity has a pulse. We chart every beat.

station: your-org · drum speed 1 day/rev
RECORDING
08:00 baseline09:12 PII spike — redacted11:30 quiet14:05 new tool tremor17:45 coached21:47 agent aftershock — blocked
79Chat with the CoachAnimated · the product explains itself
The coach, unscripted

The most patient member of your security team

It never names and shames. It never files a ticket about you. It just catches the mistake, explains it once, and lets you get back to work.

EMPLOYEE · 09:12why did my prompt get changed??
AONA COACHYour prompt mentioned a client’s name and contract value. I swapped them for placeholders before it left — the answer you got back works exactly the same.
EMPLOYEEok but I need the name in the output
AONA COACHThen use the approved Claude workspace — client names are fine there, it’s under our enterprise agreement. Want the link?
EMPLOYEEoh. yes please
AONA COACHSent. For what it’s worth — you’re the 14th person this month to ask, so I’ve also suggested we add this to onboarding. 🎯
85Spot the leakInteractive game · click what should not leave
A game your DLP can’t win

Spot the leak

Click every span that shouldn’t reach a third-party model. Aona found them in 41 milliseconds.

“Hey, can you check this deployment script for bugs? It connects with AKIA-9X2F-PROD-7731 to our staging cluster, then emails jane.doe@meridianhealth.com a report. Also rewrite the comment my boss left — ‘fix before the FDA audit on Aug 12’ — to sound less panicked. The script uses our standard logging library.”

FOUND: 0/3 LEAKS · 0 CLICKS tip: not everything technical is sensitive
101Scroll un-redactionAnimated · the page declassifies on reveal
CLASSIFIED // SCROLL TO DECLASSIFY

Your org runs 147 AI tools. About 38 of them were never approved. Roughly half your staff has pasted something they shouldn’t. You can govern all of it by this time tomorrow.

visibility is just declassification, done daily
111Risk ticker tapeAnimated · tool risk ratings traded like stocks

Risk ratings move daily. Your policy should notice.

library re-scored weekly · your usage re-priced in real time · circuit breakers built in

112Audit countdownAnimated · the fiscal-year clock is running
NEXT FISCAL YEAR BEGINS IN
DAYS
HOURS
MINUTES
SECONDS

Will this be the year with an AI inventory, or another year without one?

Deployment takes an afternoon. The clock above is real. So is the one your auditors use.

Beat the clock

Sections · Process & editorial #

Marketing-site section templates from the Section Lab exploration. Each card is a full-width band designed for aona.ai pages — drop-in layout, copy and motion patterns.

11Deployment timelineHow it works · Day 0 to Day 90
Rollout

From blind spot to governed in 90 days

no infrastructure changes · browser extension + SSO
DAY 0

Deploy

Push the extension via your MDM or endpoint tool. Connect SSO. Live in a single afternoon.

~2 hrs effort
DAY 1

Discover

Your complete AI map: approved tools, shadow tools, and the gap between policy and reality.

147 tools · typical org
DAY 30

Govern

Guardrails tuned per team and data type. Coaching live. Risky flows blocked, safe ones fast.

policy events ▼ 60%
DAY 90

Report

Board-ready posture: usage mapped to ISO 42001 and the EU AI Act, with trend lines to prove it.

one-click reports
12Step ledgerHow it works · See / Secure / Scale
Method

Three moves, in order

1

See

You can’t govern what you can’t see. Aona maps every AI tool in use across the organisation — who’s using what, how often, and what category of data is flowing through it.

output → AI inventory
coverage → browser layer
time → 24 hours
2

Secure

Set smart guardrails that protect sensitive data and IP while letting employees use AI productively. Approve trusted tools, block risky ones, redact what shouldn’t leave.

output → enforced policy
actions → block / warn / redact / log
friction → near zero
3

Scale

Turn governance into adoption. The AI Coach guides employees in the flow of work, and board-ready reporting quantifies time saved, risk reduced, and value created per team.

output → safe adoption
speed → 3× faster
proof → one-click reports
41Prompt pipelineHow it works · the journey of one prompt
Architecture

Where Aona sits: between the keystroke and the model

ORIGIN

Employee types

Any AI tool, any browser, any team.

AONA · IN THE BROWSER

Classify & decide

Content inspected against policy in milliseconds.

ALLOWREDACTWARNBLOCK
DESTINATION

Model receives

Only what policy allows to leave.

every decision logged → dashboard · SIEM · audit trail
54Decision treeHow it works · what happens to every prompt
Decision logic

Every prompt takes this walk

One pass, milliseconds long. Four possible endings — and the employee’s work continues in every one.

  • Employee submits a prompt
    • Is the tool approved?
      • YES Sensitive data present?
        • YES Redact & sendprompt works, data stays home
        • NO
          Allowfast path · logged
      • NO Risk level of the tool?
        • HIGH Block & coachsafer alternative offered
        • LOW !Warn & logusage visible to security
every branch ends in a logged event → dashboard · SIEM · audit trail
67Approval stampsHow it works · a tool request paper trail
Tool approvals

From “can we use this?” to yes — in days, not committees

Employees request tools from their popup. Aona attaches the risk evidence automatically — vendor posture, data flows, observed usage — so the review is a decision, not a research project.

See the approval workflow
TOOL REQUESTREQ-2026-0614
TOOLClaude for Enterprise
REQUESTED BY14 employees · Engineering
USE CASEcode review & docs drafting
DATA INVOLVEDsource code · internal docs
VENDOR POSTURESOC 2 · zero retention available
OBSERVED USAGEtoken-level report attached
RISK REVIEWED · DAY 1 POLICY DRAFTED · DAY 2 ✓ APPROVED · DAY 3
guardrails active from first prompt · usage visible from day one
71Redacted memoEditorial · hover the bars to reveal
What redaction feels like

Hover the black bars. That’s the data that stayed home.

Every black bar below was caught by Aona before a real prompt left a real browser. The prompt still worked — the model never needed the secrets.

INTERCEPTED
FROM: account exec · sales
TO: chat.openai.com
RE: renewal email draft
Draft a friendly renewal email to Sarah Chen, CFO of Meridian Health referencing their current contract of $840,000/yr which expires August 31. Mention we can hold pricing if they renew before July 15, and that our champion there, VP Ops Daniel Reyes, already supports the proposal.
5 redactions · prompt delivered · coach tip shown · event logged to Splunk
73Periodic table of AI riskReference · the elements of workforce AI risk
The elements

The periodic table of workforce AI risk

Every incident is a compound of these. Aona bonds with all of them.

01 · DATAPiPII IN PROMPTS
02 · DATAScSOURCE CODE
03 · DATACrCREDENTIALS
04 · DATAIpTRADE SECRETS
05 · TOOLShSHADOW APPS
06 · TOOLEmEMBEDDED AI
07 · TOOLAgAUTON. AGENTS
08 · TOOLFrFREE TIERS
09 · GAPBlBLIND SPOTS
10 · GAPPoPAPER POLICIES
11 · GAPAuAUDIT DEBT
12 · FIXAoAONA · BONDS WITH ALL
DATA RISKS TOOL RISKS PROCESS GAPS
83Nutrition labelReference · what is inside a free AI tool
Read the label

Free AI tools come with a label. Nobody reads it.

Aona reads it for every tool in the library — retention, training rights, jurisdiction, breach history — and turns it into a risk rating your policies can act on.

See a real tool report
133KaraokeEducation · risky words light up as sung
♪ NOW SINGING: EVERY EMPLOYEE, EVERY DAY

Just pasting the customer list into a chatbot real quick

Everyone knows the words. Aona is the part of the machine that beeps on the pink ones — before the verse is over.

words highlighted: as sung · risky lyrics: flagged live

Sections · Proof & compliance #

Marketing-site section templates from the Section Lab exploration. Each card is a full-width band designed for aona.ai pages — drop-in layout, copy and motion patterns.

15Detection marqueeIntegrations · animated endless scroll

5,000+ AI tools in the detection library

chatbots · copilots · agents · embedded AI — updated weekly

your org last week: 147 detected · 38 unapproved · 12 new

16Giant pull quoteTestimonials · one voice, editorial scale
Aona gave us visibility and control over AI use across our teams — secure, while embracing innovation.
Head of Information Security enterprise customer · financial services
18Quote + proof columnTestimonials · quote backed by numbers
When the board asks about AI risk, we don’t give vague reassurances anymore. We open the dashboard.
VP of Risk & Compliance · 4,000-seat enterprise, 14 business units
11 days
to full AI visibility
▼ 74%
shadow AI usage in 90 days
0
data incidents since rollout
25Certification bandCompliance · cert tiles + residency chips
Trust

Audited, certified, and in-region

A security product has to clear a higher bar than the tools it watches. Receipts below.

CERTIFIED

SOC 2 Type II

Independently audited controls, continuously monitored.

ALIGNED

ISO/IEC 42001

AI management system mapping built into reporting.

ALIGNED

EU AI Act

Usage dashboards mapped to obligations as enforcement lands.

ALIGNED

NIST AI RMF

Guardrail engine aligned to govern / map / measure / manage.

DATA RESIDENCY · 7 REGIONS AUUSEUUKCASGJP
26Framework mapping ledgerCompliance · controls mapped to clauses
For auditors

Every control, mapped to a clause

When the audit comes, your AI governance evidence is already organised the way frameworks expect it.

Aona control
ISO/IEC 42001
EU AI Act
Status
AI asset inventorycontinuous discovery of tools in use
A.4.3 — resources
Art. 13 — transparency
AUTOMATED
Acceptable-use enforcementguardrails per team & data type
A.6.2 — use policy
Art. 26 — deployers
AUTOMATED
Interaction audit trailuser, tool, data class, action, time
A.7.4 — logging
Art. 12 — record-keeping
AUTOMATED
Workforce AI literacyin-flow coaching & guidance
A.8.1 — competence
Art. 4 — AI literacy
AUTOMATED
44Stack layersIntegrations · exploded browser-layer stack
Why the browser

One layer up from your proxy, one layer down from the prompt

Network tools see encrypted sessions. Endpoint tools see processes. Neither sees what was asked and what was answered — the layer where AI risk actually lives.

Aona instruments that layer directly, then hands structured events down to the stack you already trust.

45Case study teaserTestimonials · magazine cover + stat band
CASE STUDY · FINANCIAL SERVICES · 4,000 SEATS

From 0% to full visibility in 11 days

CUSTOMER LOGO
“We’d budgeted a quarter for discovery alone. Aona finished it before our kickoff deck was approved. The interesting work — actually setting policy — started in week two.”
147
TOOLS FOUND
▼74%
SHADOW USE / 90D
0
INCIDENTS SINCE
Read the full case study →
46Rotating quoteTestimonials · animated voices crossfade
WHAT THE FIELD SAYS
“Aona gave us visibility and control over AI use across our teams — secure, while embracing innovation.”
Head of Information Security · financial services
“A clever solution to facilitate GenAI adoption securely — with granular controls and oversight.”
CISO · global technology company
“Aona empowered us to innovate with confidence — protecting IP and unlocking AI’s full potential.”
Head of Data · healthcare enterprise
48Myth vs factCompliance · objection-handling pairs
Objections, handled

Three myths that keep AI ungoverned

MYTH

“We blocked ChatGPT, so we’re covered.”

FACT

Blocking one tool moves usage to the other 5,000 — and to personal devices, where you have no visibility at all. Governed access beats whack-a-mole.

MYTH

“Monitoring prompts means spying on staff.”

FACT

Aona inspects AI interactions against policy scope — not personal browsing. The boundary is explicit, auditable, and visible to employees in their own popup.

MYTH

“We’ll wait for the AI Act to settle first.”

FACT

Article 4 AI-literacy duties already apply, and record-keeping obligations land on deployers. Starting discovery now is what “preparing” actually looks like.

59Evidence lockerCompliance · auto-maintained audit files
Audit season

The folder your auditor hopes you have

Every document below is generated and kept current by the platform itself. Audit prep becomes a download, not a quarter.

Browse sample evidence
aona://evidence — Q2 2026auto-maintained
PDFAI asset inventory147 tools · risk-ranked · owners assignedLIVE
CSVInteraction audit log61,209 events · user, tool, class, actionLIVE
PDFPolicy register & change historywho changed what guardrail, when, whyLIVE
PDFISO 42001 control mappingclause-by-clause, with evidence linksLIVE
PDFAI literacy & coaching recordEU AI Act art. 4 · per-employee trailLIVE
64Region clocksCompliance · seven regions, live local time
Data residency

Your prompts never have to leave home

in-region processing · SOC 2 Type II
AU
Sydney
—:—
OPERATIONAL
US
Virginia
—:—
OPERATIONAL
EU
Frankfurt
—:—
OPERATIONAL
UK
London
—:—
OPERATIONAL
CA
Montréal
—:—
OPERATIONAL
SG
Singapore
—:—
OPERATIONAL
JP
Tokyo
—:—
OPERATIONAL
66Readiness checkCompliance · interactive audit scorecard
Self-assessment

Could you answer an AI audit tomorrow?

Six questions auditors and regulators are already asking. Tick what you can prove — not what's written in a policy somewhere.

READINESS
0/6
Most teams start at 0–2. That’s exactly what discovery is for.
Close the gaps — free trial

Sections · Comparison, pricing & FAQ #

Marketing-site section templates from the Section Lab exploration. Each card is a full-width band designed for aona.ai pages — drop-in layout, copy and motion patterns.

19Capability tableComparison · Aona column highlighted
Why not just…?

Built for AI, not retrofitted to it

Your existing stack is excellent at what it was designed for. AI interactions weren’t it.

Capability Network DLP CASB Endpoint agent Aona
Sees encrypted AI traffic in the browserPARTIALPARTIAL
Understands prompt content & intent
Redacts mid-prompt, before submit
Detects embedded AI & local agentsPARTIAL
Coaches employees in the flow of work
Maps usage to ISO 42001 / EU AI Act
Feeds events to Splunk / Sentinel

Aona complements your stack — it doesn’t replace it.

20Old way / new wayComparison · strikethrough editorial pairs
A different posture

Retire the blunt instruments

Block every AI domain at the firewall
Approve the safe path, govern the restBlocking moves usage to personal devices. Governing keeps it visible.
Annual acceptable-use policy PDF
Policy enforced live, at the promptRules that act in the moment — block, warn, redact, log.
Quarterly survey: “do you use AI?”
A live inventory that updates itselfEvery tool, every team, refreshed in real time.
Punish the employee who pasted data
Coach them before the paste landsGuidance at the moment of risk beats discipline after the breach.
22Pricing tiersPricing · See / Secure / Scale, middle elevated
Plans

Start with sight. Grow into control.

See
For teams that need the map
Free 90-day trial
  • Shadow AI discovery
  • Tool risk ratings
  • Usage dashboard
  • Exportable risk report
Start free
Secure
For security & GRC teams
Per seat billed annually
  • Everything in See
  • Prompt-level DLP & redaction
  • Policy guardrails per team
  • AI coach for employees
  • SIEM & SSO integrations
Talk to sales
Scale
For regulated enterprises
Custom volume pricing
  • Everything in Secure
  • Data residency — 7 regions
  • ISO 42001 / EU AI Act mapping
  • Dedicated success engineer
Contact us
23Split accordion FAQFAQ · sticky intro, working details
FAQ

The questions every CISO asks

Straight answers. For anything else, our security team talks to your security team.

Ask something else
Do you see employees’ personal browsing?+
No. Aona monitors interactions with AI tools only, against your policy scope. Everything else in the browser is out of bounds by design, and the boundary is auditable.
Where does our data live?+
Your choice of seven data residency regions. Aona is SOC 2 Type II certified, and prompt content can be processed in-region end to end.
How long does deployment actually take?+
The extension ships through your existing MDM in an afternoon. Most customers see their full AI inventory within 24 hours — no network changes, no agents on servers.
Will employees just work around it?+
Workarounds happen when the safe path is slower. Aona keeps approved tools fast and coaches at the moment of risk — customers typically see shadow usage fall, not migrate.
What about AI built into other apps?+
Embedded AI features — in office suites, CRMs, design tools — are part of the detection library, alongside standalone chatbots, copilots, and local agent frameworks.
24FAQ question indexFAQ · big-type list, category notes

Questions, indexed

12 answers in the help center
PrivacyWhat can Aona see — and what can it never see? DeploymentHow do we roll out to 5,000 seats without touching the network? PolicyCan different teams have different AI rules? ComplianceHow does this map to the EU AI Act and ISO 42001? CoverageWhat happens when a brand-new AI tool launches tomorrow?

Sections · CTAs & brand moments #

Marketing-site section templates from the Section Lab exploration. Each card is a full-width band designed for aona.ai pages — drop-in layout, copy and motion patterns.

27Statement CTAFinal CTA · giant type on plum

See every AI tool. Today.

Deploy in an afternoon. Get your complete shadow AI map within 24 hours. Keep the report either way.

Start the free 90-day trial Book a demo
SOC 2 Type II · 7 data residency regions · no credit card
28Two doors CTAFinal CTA · self-serve vs guided
SELF-SERVE

Run the discovery yourself

Deploy the extension, watch the inventory build, and get your risk report. Free for 90 days.

Start free trial live in ~2 hours · no credit card
GUIDED

Walk it with our team

A 30-minute session with an AI security engineer, mapped to your stack and your auditors’ questions.

Book a demo your security team meets ours
29See / Secure / Scale marqueeFinal CTA · animated outlined type
Get full visibility in 90 days

The Workforce AI Security platform.

50Last word CTAFinal CTA · quiet close, one line

Your employees started using AI two years ago. Your visibility can start this afternoon.

Start the free 90-day trial no credit card · live in ~2 hours · report is yours to keep
58Terminal email captureCTA · request the report like an API call
For the technically impatient

Request the discovery report like you’d request anything else

One field. We reply with rollout steps and a sandbox tenant — usually inside a business day.

aona — request-trialbash
$ aona trial --request --seats=all --days=90
# enter your work email to continue:
✓ request queued — check your inbox for the rollout kit
60ManifestoBrand · typographic beliefs, revealed
WHAT WE BELIEVE

Banning AI is a resignation letter from the future.

Visibility is not surveillance. It’s the opposite of guessing.

The safe path must also be the fast path — or nobody takes it.

Governance should produce evidence, not meetings.

Aona THE WORKFORCE AI SECURITY PLATFORM
68Ribbon CTACTA · slim gradient-edged band
Your AI map, free, in 24 hours. no credit card · no network changes
Start now Book a demo
72Eye chartBrand metaphor · how far can your team read
Visual acuity test

Most security stacks stop reading at line three

The big names are easy. It’s lines four through six — the free tools, embedded features, and agents — where the risk actually lives. Aona reads the whole chart.

Test your vision — free
76Data passportBrand metaphor · where your data may travel
Travel documents

Your data carries a passport now

Every class of data gets travel rules: where it may go, under which visa, and which borders are closed. Aona is the border control that actually checks.

Set your travel rules
DATA PASSPORTAona
HOLDER
Customer PII
CLASSIFICATION
SENSITIVE
ISSUED BY
Policy: Finance-04
RESIDENCY
EU — Frankfurt
APPROVED WORKSPACEclaude · enterprise tier
zero retentionADMITTED
CHATGPT FREE TIERpersonal account
trains on inputsREFUSED
COPILOT M365tenant-bound
contractual controlsADMITTED
UNKNOWN AGENTno vendor review
uploads observedREFUSED

App patterns #

Dashboard-side patterns: overlays, feedback states, layout patterns, editors, wizards, activity feeds, and auth pages.

04 · Overlays

Overlays & menus

Tooltips, dropdowns, popovers, dialogs, sheets, confirmation dialogs, command menu.

Tooltip · tooltip.tsx

Tokens consumed across all AI providers in the selected window.

Dropdown menu · dropdown-menu.tsx

Last 7 days
Last 30 days
Last 3 months
Last 6 months
Last 12 months
Custom range…

Popover · popover.tsx

How adoption is calculated
We count a user as "adopted" if they had at least one tracked AI interaction in the period.
Learn more

Command palette · command.tsx

⌘K
Navigation
AI AdoptionG A
Security & ComplianceG S
ReportsG R
Actions
Create guardrail
Invite users

Dialog · dialog.tsx

Invite team members

Send email invites. They'll receive a signup link.

Confirmation dialog · confirmation-dialog.tsx

Delete guardrail?

This will remove "PII redaction" from 14 platforms. Cannot be undone.

Sheet / Drawer · sheet.tsx

Page content (dimmed)…
06 · Feedback

Feedback & state

Alerts, toasts, empty states, loading skeletons, banners.

Alerts · alert.tsx

Heads up
A new framework version (ISO 42001) is available.
All checks passed
Your organization is compliant with current guardrails.
Trial ending soon
14 days remain. Upgrade to keep AI monitoring active.
High-risk activity detected
18 prompts exceeded your risk threshold in the last hour.

Trial banner · TrialBanner.tsx

14 days left in your trial
Upgrade to keep continuous monitoring and reporting active.

Toasts · sonner.tsx

Guardrail published
"PII redaction" is now live on 14 platforms.
Upload failed
Network timeout — try again.
Report exported
security-audit-apr-22.pdf

Empty states

No results

Try adjusting filters or search terms.

No guardrails yet

Create one to start securing AI usage.

No users invited

Invite your team to get started.

Loading · skeletons & spinners

Skeleton card
Table skeleton
Small
Medium
Large
Dots
07 · Patterns

Layout patterns

Recurring page layouts across the dashboard.

App shell · sidebar + main

AI Adoption

Overview Groups Use Cases Trends
ADOPTION
78%
ACTIVE USERS
942
Template

List / Index page

Page title · action row · filter bar · table with pagination. Used for Users, Groups, Guardrails, Frameworks, Reports.

Template

Dashboard / Analytics

Breadcrumb · H2 title · tabs · metric row · charts grid. Used for AI Adoption, Security & Compliance, Reports.

Template

Detail page

Breadcrumb · title · metadata · tabs · content blocks. Used for User, Group, Framework, Guardrail, Partner.

Template

Auth / Split screen

Centered form card with brand visual. Used for Login, Signup, Verification, Request Access.

08 · Forms & editors

Forms & editors

Date picker, file upload, rich-text, code editor, autocomplete search.

Date picker / calendar

April 2026
M
T
W
T
F
S
S

Search with autocomplete

Users · 3
CH
Charlie Ho
charlie@acme.com
CS
Chris Sato
chris.sato@acme.com
Platforms · 1
ChatGPT

File upload

Drop files here or browse
PNG, JPG, SVG · max 2 MB
acme-logo.svg
12 KB
policy-v3.pdf
62%
video.mov
File too large · max 2 MB

Rich text editor · rich-text-editor.tsx

Employees must not share PII with external AI tools.

This includes customer names, email addresses, or any identifying information. Review the full policy for exceptions.

  • Redact identifiers before pasting data
  • Prefer approved platforms (ChatGPT Enterprise, Claude for Work)
  • Report suspected leaks within 24 hours

Code editor · CodeMirrorPanel

guardrail.json 
{
  "name": "PII redaction",
  "version": 3,
  "trigger": {
    "entities": ["EMAIL", "PHONE", "SSN"]
  },
  "action": "redact",
  "platforms": ["chatgpt", "claude"]
}

Fieldset pattern

09 · Wizard & stepper

Wizards & steppers

Multi-step flows from Business Setup, Onboarding, and Guardrail creation.

Horizontal stepper · BusinessSetupWizard

Organisation
Branding
3
Framework
4
Install plugin
5
Privacy
6
Plan

Vertical stepper

  1. Account created
    Invited Mon, 14 Apr
  2. Plugin installed
    14 Apr · Chrome
  3. Training in progress
    3 of 5 modules completed
  4. Accept policy
    Pending
  5. Ready to use
    Pending

Onboarding screen · OnboardingLayout

Welcome to Aona

Let's get you set up with safer AI in under 5 minutes.

Quiz question · QuizScreen

Question 2 of 5

Which of these can you safely share with ChatGPT?

10 · Activity & timeline

Activity & timeline

Feeds, audit logs, notifications, status indicators.

Activity feed

  • Jane Doe passed the quiz "AI Safety Basics"
    2 min ago · Score 92%
  • High-risk prompt flagged on ChatGPT
    18 min ago · Redacted
  • Marco K. updated guardrail "PII redaction"
    1 h ago · v3 → v4
  • 12 users invited to "Marketing" group
    3 h ago · by Bastien C.
  • Deepseek usage blocked organization-wide
    yesterday

Notification center

Notifications 4 new
JD
Jane Doe commented on your report
5 min ago
High-risk event needs review
18 min ago
Team reached 80% adoption
1 h ago
Monthly report is ready
yesterday

Status indicators

Inline dots
Online
Away
Offline
Live · streaming
Pill statuses
Active
Pending
Failed
Draft
Risk scale
Low
Medium
High
Trend chips
+12% MoM
−3% WoW
No change
11 · Auth pages

Auth page layouts

The only pages outside the dashboard shell. All five follow one of three layouts: split-screen with animated hero (Login, Signup), centered card on radial mist (Verify email), or centered card on neutral wash (Subscription expired, Access denied).

Layout A
Split screen · 50 / 50

Left brand panel (animated radial mesh, hidden below lg), right form column (max-w-[338px], white).

Login, Signup
Layout B
Centered card · radial mist

560px rounded-[28px] card on a soft purple radial. Used for transient verification states.

Verify email
Layout C
Centered card · neutral wash

Compact card (max-w-md) on bg-purple-50/50 or bg-gray-50.

Subscription expired, Access denied

Auth hero backdrop · AuthHeroBackdrop.tsx

Aona

See and govern every AI tool and agent.

Discover Shadow AI, stop data leaks, and audit every agent — all from one platform.

Anatomy
  • Base: solid #0b0118 with two radial blobs — magenta #F60385 @ 25%/95%, violet #8918E5 @ 80%/90%, each at 22% / 20% opacity, fading to transparent at 55%.
  • Grid: 48 × 48 px lines @ rgba(255,255,255,0.04), vignette-masked to fade at the edges.
  • Streaking dots: 6 px glowing dots crossing the panel — 5 horizontal lanes + 3 vertical lanes, alternating magenta / violet, each with a duration between 9 s and 15 s.
  • Reduced motion: dots hidden when prefers-reduced-motion is set.
  • Visibility: hidden lg:flex lg:w-1/2 — collapses on mobile so the form fills the screen.

Login · LoginPage.tsx · Layout A

Sign in to your Account

Need an account? Sign up

Anatomy · Brand panel (left)
  • Width: lg:w-1/2, hidden below lg
  • Background: AuthHeroBackdrop — solid #0b0118 with two radial blobs (magenta + violet) plus an animated grid and streaking glow dots.
  • Inner: px-12 lg:px-16, vertically centered, max-w-[560px]
  • Logo: /aona_logo_w_text.png at h-[90px], nudged left with -ml-[15px]. No separate icon tile + wordmark — the logo PNG is one asset.
  • Stack gap: space-y-[40px] between logo and copy
  • Heading: bold, text-[32px] sm:text-[38px] lg:text-[44px], leading-[1.1], tracking-tight
  • Body: text-[18px] leading-[1.75], text-white/65
Anatomy · Form column (right)
  • Container: flex-1 bg-white grid place-items-center p-4, content md:w-[338px]
  • Vertical rhythm: flex flex-col gap-8 between sections
  • Title: 30/36 bold text-[#18181b]. No eyebrow ("Welcome! 👋" was removed).
  • OAuth button: h-10, border-[#6412a6], label in primary purple, 24 × 24 white logo badge, hover bg-purple-50
  • Order: title → OAuth → divider → email/password → primary CTA → footer link
  • Forgot link: left-aligned below password input (not inline with label)
  • Primary CTA: bg-[#6412a6] hover:bg-[#7c1ec9]

Signup · SignupPage.tsx · Layout A

Create your Account

8+ chars, upper/lowercase, number, symbol.

Already have an account? Sign in

Verify email · SignupVerificationPage.tsx · Layout B

Verify Email

Check your inbox

Open the verification email to continue setup.

Account created successfully

We sent a verification email to b@acme.com. Open it to continue setup.

If you don't see the email, check spam or resend it.

Back to sign in
State · success
Account created successfully
We sent a verification email to b@acme.com.

Default after signup. CheckCircle2 · green.

State · info
Account already exists
This email is already registered.

accountExists=1. Info · blue.

State · warning
Resend needed
The verification email was not sent.

emailFailed=1. AlertCircle · amber.

State · error
Something went wrong
This verification link is invalid.

Token failed/expired. AlertCircle · red.

Subscription expired · SubscriptionExpiredPage.tsx · Layout C

A

Subscription expired

Your Pro plan subscription has expired. To continue using Aona, please renew your subscription.

Need help? Contact support

Access denied · AccessDeniedPage.tsx · Layout C

Access denied

You're signed in as b@acme.com, but your account does not have permission to access the admin app. Please contact your administrator to request access.

Auth design tokens

Hero base
#0b0118
Hero blob · magenta
#F60385 @ 22%
Hero blob · violet
#8918E5 @ 20%
Primary CTA
#6412A6
Primary hover
#7C1EC9
Input border
#E4E4E7
Do / don't
Do
  • • OAuth buttons appear before email/password on Login
  • • Use border-[#6412A6] on OAuth buttons (not gray) — they're brand-prominent
  • • OAuth hover is bg-purple-50
  • • "Forgot your password?" sits below the password field, left-aligned
  • • Brand panel uses AuthHeroBackdrop — animated radial mesh, never a photo or solid gradient
  • • Logo is /aona_logo_w_text.png at h-[90px], single asset with text baked in
  • • Verify card uses rounded-[28px] + radial mist background
  • • Status banners on Verify use the icon + tone from the state matrix above
Don't
  • • Don't reverse the split (form must be on the right)
  • • Don't use the legacy login-background.png photo panel — it's been retired
  • • Don't add a "Welcome! 👋" eyebrow above the title — it was removed
  • • Don't use the gradient icon tile + separate "Aona" wordmark — the logo PNG is one asset now
  • • Don't put OAuth after the email form
  • • Don't inline "Forgot?" beside the password label (legacy pattern)
  • • Don't use "Request access" copy — it's "Sign up" / "Sign in"
  • • Don't add a separate ResetPasswordPage; reset lives within Login

Section header pattern #

Every body section gets the same h2 + intro paragraph rhythm. Use this — don't reinvent.

How Aona governs every AI tool

One short paragraph. Sets up the section. Always slate-600, max-w-2xl, mb-8 before the content.

<h2 className="text-2xl md:text-3xl font-extrabold text-gray-900 mb-2 tracking-tight text-balance">
  Section heading
</h2>
<p className="text-gray-600 max-w-2xl mb-8">
  One-paragraph intro.
</p>

Trusted-by logo strip #

Hero customer / certification logo wall. Mono-tinted opacity, even spacing.

Trusted by security teams worldwide

Quote / testimonial #

Large quote with attribution and optional avatar. Use for customer + analyst quotes.

Aona showed us 4× more AI usage than we knew we had, and gave us policy controls that didn’t slow our engineers down.
JM
Jamie Mitchell
CISO, Sirius Federal Credit Union

Tabs #

Underline-style tabs. Active gets a slate underline + bold weight. Use for switching between content panels.

Scan every browser, app, and integration. Detect 5,000+ AI tools.

Pagination #

Numeric pagination for blog / template archives. Active page = filled slate, others = outlined.

Empty state #

When a filter or search returns 0 results. Friendly + actionable, not apologetic.

No results match these filters

Try clearing one of the filters or searching for a broader term.

Loading skeleton #

Use animated skeleton blocks while content is loading. Same shape as the final card.

Button states #

Idle, hover, active, loading, disabled. Loading uses an inline spinner — don't change the button width.

Idle

Form errors & helpers #

Validation errors live below the input, in red. Helper text in slate-500 above the input.

Please enter a valid work email.

Helper text appears above the field, slate-500.

Filter pills #

Toggle filter row used on /compliance/regulations and /resources/templates. Active = solid slate, inactive = light gray.

Tag chips #

Inline metadata chips on cards (region, type, status). Use the matching status palette.

ActiveUpcomingDraftEULaw

App motion & accessibility #

Animation timing and accessibility guidelines for the product dashboard.

12 · Motion

Motion & interaction

Consistent timing and easing keep the interface calm. Keep it subtle — UI, not theatrics.

Micro
120ms

hover, focus, checkbox

Fast
200ms

toggles, tabs, sidebar

Standard
300ms

modals, sheets, route

Easing
ease-in-out

default for all

Hover lift
Hover me
Scale-in (Radix)
Popover
Number animation
0

MetricCard uses easeOutQuad · 600ms

13 · Accessibility & responsive

Accessibility & responsive

What we ship by default, and how the dashboard reflows across screen sizes.

Focus ring

Every interactive element gets a 2px ring in --ring with 2px offset.

Color contrast

Aa
Purple on White
9.1 : 1 · AAA
Aa
Purple text
9.1 : 1 · AAA
Aa
Sidebar FG on BG
14.6 : 1 · AAA
Aa
Secondary text
5.0 : 1 · AA

Keyboard shortcuts

Toggle sidebar⌘B
Command palette⌘K
Search/
Close dialogEsc
Next item
Submit form⌘↵

Breakpoints

📱
sm
≥ 640 px
📱
md
≥ 768 px
💻
lg
≥ 1024 px
🖥️
xl
≥ 1280 px
🖥️
2xl
≥ 1536 px

Responsive preview

Desktop
Tablet
Mobile

Voice & tone #

Plain English, direct, no marketing fluff, no em dashes ever.

Use
  • Aona discovers every AI tool your workforce uses.
  • Block prompt-level data leakage in real time.
  • Free 90-day trial. Deploys in under five minutes.
  • Use commas, periods, or "and / but / so".
Avoid
  • Aona’s industry-leading platform empowers organisations…
  • Revolutionary AI security solution for the modern enterprise.
  • Em dashes — even when they feel right.
  • Vague verbs: leverage, unlock, transform, supercharge.

Type scale tokens (raw) #

Use Tailwind utility classes, but token sizes are documented here.

eyebrow   0.6875rem  line 1  weight 600
body      1rem      line 1.6  weight 400
bodyLg    1.125rem  line 1.6  weight 400
h4        1.25rem   line 1.4  weight 700
h3        1.5rem    line 1.3  weight 700
h2        2.25rem   line 1.2  weight 800
h1        3rem      line 1.1  weight 800
display   3.75rem   line 1.05  weight 800

Forbidden patterns #

Lint guards in scripts/lint-slop.mjs. Adding new slop here is a hard fail.

  • bg-[#11021d] page shells
  • linear-gradient(...#F60385...#8918E5...) as element background (clip-text only)
  • radial-gradient with rgba(246,3,133,...) or rgba(137,24,229,...) — slop glows
  • rgba(17,2,29,N) overlay scrims
  • url('/images/hero/hero-background.png') on migrated pages
  • text-white/N or text-[rgba(255,255,255,N)] on the new white body
  • text-gray-900 on bg-#111827 / bg-#6412a6 (invisible)
  • tier-coloured stat numbers (#EF4444, #F59E0B, #10B981, #8B5CF6)
  • old dark-purple gradient palette (#6412A6 -> #9B3DCA / #4c0e80 / #8B5CF6)
  • hover:scale-N animations on CTAs
  • Generic emojis (🛡 📊 📋 ⚖ ✅ ❌) — use AonaIcon instead
  • Em dashes — use commas, periods, or 'and/but/so' instead
  • Tinted bg circle/square around an already-coloured icon — drop the wrapper