Cyberhaven has expanded its Unified AI & Data Security Platform with new capabilities designed to govern autonomous AI agents and protect enterprise data across workflows. The update introduces Agentic AI Security, allowing teams to discover, monitor, and control AI agents; an Analyst Plugin that integrates Cyberhaven intelligence into AI assistants like Claude Code and Codex; and a Standalone Browser Extension that extends data loss prevention to ChromeOS, unmanaged endpoints, and contractor devices. The platform is built to help security analysts manage the growing use of AI agents within enterprises.
Enterprise AI Agent Adoption is Accelerating
AI is rapidly shifting from chat-based tools to autonomous agents operating on endpoints. According to Cyberhaven Labs research, enterprise adoption of endpoint-based AI-native apps has grown 509% over the past year, and enterprise adoption of coding assistants has jumped 357% year over year. These agents are being given increasing access to data and systems, unlocking productivity gains while introducing a largely unaddressed governance challenge: shadow agents, AI systems operating outside enterprise visibility and control
“The way enterprises use AI has fundamentally shifted,” said Nishant Doshi, CEO of Cyberhaven. “AI is no longer just generating content. It is executing work. These agents have access to data, tools, and systems, operating with a level of autonomy the industry has not seen before. Most governance programs still focus on what users type into AI, not on what AI agents are actually doing. Security has to operate in real time, at the point where AI is taking action. That is what Cyberhaven is addressing with today’s launch.
Agentic AI Security: Govern Shadow Agents Across the Enterprise
Most security tools built for cloud-based AI are blind to agents running locally on endpoints in developer tools, integrated development environments (IDEs), and desktop applications. These shadow agents often inherit employee identity, gain access to sensitive data, and can execute bulk operations across production systems.
Cyberhaven’s Agentic AI Security addresses this through three integrated layers:
- Discovery provides a continuously maintained inventory of new and emerging AI agents, GenAI applications, and MCP servers across the enterprise, including shadow agents running locally on endpoints, with Risk IQ scores across five dimensions.
- Observability reconstructs the full execution lifecycle of every agent interaction: the data accessed, the tools invoked, the actions taken, and the complete multi-turn conversation context, so violations that unfold across multiple steps surface automatically.
- Controls enforce runtime policy guardrails at the prompt and response level, replacing generic block pages with plain-English explanations that coach users toward sanctioned behavior rather than simply blocking them.
Data Lineage makes this possible. Where other agentic security tools report what an agent did, Cyberhaven connects every agent action to the data it touched, where that data originated, what it contained, and where it went next. That is the difference between an alert and an investigation
“Every CISO is wrestling with the same blind spot: they don’t know which AI agents are operating in their environment, let alone what data they’re touching,” said Saro Subbiah, SVP of Engineering at Cyberhaven. “Our Agentic AI Security leverages the data lineage foundation we have perfected over the years, providing the context that makes the difference between an alert and a successful investigation.
Product Releases Expanding Agentic AI Security Capabilities
- Cyberhaven Analyst Plugin: Turns every analyst into a power user by bringing Cyberhaven’s security signals directly into Claude Code, Codex, and any MCP-compatible client. The plugin ships with more than 40 pre-built security skills and more than 20 specialized analysis agents that run complete, multi-step workflows for incident triage, GenAI exposure analysis, user risk profiling, and executive reporting, with skills that can also close duplicate incidents and execute triage decisions inside the analyst’s existing workflow.
- Standalone Browser Extension: Extends data loss prevention to ChromeOS, contractor devices, and unmanaged endpoints with no endpoint sensor required. Traces uploads, downloads, and copy-paste activity with content inspection applied, and is managed through the same interface used for endpoint deployments.
To learn more, visit https://events.cyberhaven.com
Related News:
