Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Agentic AI Visibility and Risk Scoring: What Cyberhaven Sees That Others Miss | (Part 3 of 4)

Knowing an AI tool exists is not the same as knowing what it did with your data. This is Part 3 of Cyberhaven's 4-part AI Security product launch series, covering Agentic AI Visibility and AI Risk IQ, Cyberhaven's evidence-based risk scoring system for every AI app and agent in your environment.

Preventing IP Theft and Trade Secret Loss in Manufacturing

A manufacturer's most valuable assets rarely sit in a vault. They live in CAD files, chemical formulations, process parameters, supplier contracts, and tooling specifications that move every day between engineers, plants, partners, and contractors. That movement is what makes the business run, and it is also what makes trade secrets easy to lose. A departing engineer copies a design folder. A contractor forwards a spec sheet to a personal account.

AI Security for Autonomous Agents | Cyberhaven Product Launch (Part 1 of 4)

Autonomous AI agents are running on enterprise endpoints right now, accessing files, processing sensitive data, and executing actions outside the visibility of most security programs. This is Part 1 of Cyberhaven's four-part AI Security product launch series. What this video covers: Most AI security tools were built for browsers and SaaS apps. They cannot see agents operating at the OS level, coding assistants running in IDEs and CLIs, or MCP servers executing in the background. Cyberhaven's AI Security platform was built to close that gap.

How to Use DLP and DSPM to Support SOC 2 Compliance

SOC 2 audits are won or lost on evidence. When an auditor asks how an organization controls access to sensitive data, prevents unauthorized exfiltration, and monitors for anomalous behavior, the answer has to be documented and defensible. For most security and GRC teams, that answer depends heavily on whether their data security tooling is configured to produce audit-ready outputs, not just enforce policies.

How DSPM Detects Insider Threats Using Data Lineage

Most insider risk programs stall at the same place: they can see what data exists, but not what users are doing with it. Data security posture management (DSPM) tools catalog sensitive files, flag misconfigured permissions, and surface overexposed repositories. What they often cannot communicate is whether that overexposed file was accessed, copied, renamed, and uploaded to a personal cloud account by an employee who put in their resignation last week.

How Modern DLP Enables AI Adoption Without Slowing Down the Business

Organizations are not choosing between AI adoption and data security. Rather, they are discovering, often after the fact, that these two priorities are pulling in opposite directions. The engineering team has been using GitHub Copilot for six months. Finance is running variance analysis through ChatGPT. Legal is pasting contract language into Gemini for redlining. According to Cyberhaven Labs research, 39.7% of the data employees share with AI tools is sensitive.

DSPM Is a Live Map of Your SENSITIVE DATA - Not a Quarterly Scan

In this video, you will learn why agentic browsers like ChatGPT Atlas, Perplexity Comet, and Arc have turned the browser into a double agent inside your enterprise, how shadow adoption is bypassing MDM and endpoint controls in days, and why indirect prompt injection creates an attack surface your file-based DLP cannot see. You will also learn how data lineage replaces noisy content inspection with origin-and-destination tracking, so you can stop the leak without blocking the tools your business depends on.

AI Security for Healthcare: How to Protect PHI When Employees Use GenAI Tools

Clinicians are pasting patient summaries into ChatGPT to draft discharge instructions. Billing staff are uploading claim data to AI writing tools to speed up appeals letters. Nurses are using consumer AI assistants to look up drug interactions between patient visits. None of this was approved by the security team, and most of it would surprise the compliance officer.

MCP Security: How to Secure MCP Integrations

AI agents are connecting to enterprise systems right now. Whether a developer wired up Claude to an internal Confluence instance, a vendor shipped an agentic workflow that calls the CRM, or an employee enabled a browser-based AI assistant that reads email, Model Context Protocol (MCP) is rapidly becoming the integration layer between large language models (LLMs) and corporate data. Most security teams have no visibility into any of it.

An HR Leader's Guide to Insider Risk Management

HR teams manage every stage of the employee lifecycle, from hiring and onboarding to performance management and offboarding. Security teams manage data access, behavioral monitoring, and incident response. Insider risk lives at the intersection of both. When HR and security operate independently, the gaps between them are exactly where data loss happens, and the moments of highest exposure are almost always HR events, such as a resignation submitted, a role change processed, a termination decision made.