New From Cyera: Actionable Data Risk Insights Across Agents, Alerts, and Retention Policies

Security teams are not short on signals. They are short on clarity.

AI agents create new paths to sensitive data through non-human identities and tool access. DLP creates more events than teams can reasonably investigate. Data retention enforcement is still hard to prove and even harder to operationalize when data moves faster than manual processes can follow. And the context needed to triage and remediate is scattered across disconnected tools.

Cyera’s latest product updates turn scattered signals into clear, decision-ready context so you can act in the workflows you already use. They focus on five areas where teams usually lose time and control:

• Agent governance: understand how agents can reach, move, and expose sensitive data
• DLP trends: identify repeat exposure patterns so teams can fix root behaviors
• Data retention and minimization: turn retention policy into action by finding stale and over-retained sensitive data and focusing cleanup where it reduces risk most
• Expanded integrations: bring Cyera’s data and risk context into the tools teams already use so signals aggregate in one place and response gets faster
• AI readiness: establish a baseline and roadmap to scale AI safely

Agent Security Graph: a living map of how agents reach and expose sensitive data

AI agents change quickly. The scope of what they can access tends to expand over time, across identities, tools, and data stores. When something looks off, security teams need an answer they can trust.

For example, a team launches an internal agent to summarize Zendesk support tickets in Slack. Two weeks later, it has access to customer success knowledge sources in Slack and Notion, it can be triggered from WhatsApp and query Salesforce, and nobody can explain the real blast radius without stitching together signals from multiple consoles.

Cyera Agent Security Graph provides a living, unified view of an agent’s anatomy by connecting identity context, tool access, and data exposure into a single traceable graph. It helps teams see how agents reach sensitive data, how that access is being used, and where risk is building.

With the Agent Security Graph, you can quickly understand:

• Who can access or trigger the agent, including the human and non-human paths involved
• Where it can be accessed, such as Slack, WhatsApp and other interfaces teams use to invoke agents
• What knowledge it can pull from, including connected knowledge bases, databases, and data stores
• What actions it can take once it has that access

The result is a continuous way to audit the gap between intent and behavior, so teams can approve agent use cases faster without losing control.

The Agent Security Graph is currently available in private preview for existing Cyera customers. Read the full blog to learn more. 

DLP Trends: see data loss patterns across your business

Most DLP programs get stuck in the same loop: an alert queue fills up, analysts investigate one event, then move to the next. The work stays busy, but the underlying behaviors don’t change, so the organization doesn’t get meaningfully safer.

Cyera Omni DLP Trends changes the unit of work from a single alert to a repeatable pattern of exposure. Instead of asking, “What happened in this event?”, Trends help teams step back and answer: “What keeps happening - and is it a workflow that needs guardrails, or a behavior that needs escalation?”

For example, instead of investigating five separate alerts over two weeks that each look “new,” you can spot one Trend showing a recurring pattern, like employees sending sensitive credentials to personal email addresses.

Trends are organized around how exposure actually occurs in your organization, helping teams quickly surface repeat patterns across multiple dimensions:

• What data is involved: PII, financial, legal, credentials 
• How it’s being handled: forwarding, BCC-style distribution, AI usage
• Where it’s going: departments, destinations, domains

This makes it easier to prioritize fixes that scale - policy tuning, coaching, or targeted escalation - rather than re-investigating the same scenario over and over.

DLP Trends is generally available for existing Cyera customers. Read the blog to learn more. 

‍

Data Retention Policies: enforce retention and reduce stale data exposure

Data retention is not only a compliance checkbox. It is a risk lever. The longer unnecessary data stays in your environment, the more it expands audit scope, increases breach impact, and slows down incident response.

In practice, this usually shows up as two problems: data kept far past policy, and sensitive data that nobody uses anymore but still sits broadly accessible.

Cyera’s data retention policies help teams act on two high-value use cases that are difficult to operationalize at scale:

• Over-retained data (retention enforcement): surface files that have exceeded a defined retention period, so teams can take the next step through the right process, such as deletion, archiving, quarantine, or delegated review.
• Stale data (data minimization): identify sensitive or high-risk data that is no longer meaningfully used, such as files that have not been accessed or modified over a defined period, so teams can reduce exposure without guessing.

Policies can be defined using file age signals such as creation date and last modified date, and combined with Cyera’s classification context and signals to scope them precisely. For example:

• “Show me sensitive proprietary CAD files older than 7 years”
• “Flag regulated data that has not been modified in 12 months”

Microsoft retention label visibility (M365)

For Microsoft customers, Cyera also provides visibility into existing Microsoft Purview retention labels applied to files in M365 datastores. Labels appear in a new Tags and Labels section at the datastore level to support auditing and readiness assessment today. Future enforcement actions are coming soon. 

Data Retention Policies are in public preview for existing Cyera customers. Contact your Cyera team to enable the feature.

New Integration Roundup: put deep data and risk context into the tools where action happens

Most security and data tools see part of the picture. They can tell you who did something, what happened, or where a misconfiguration lives. They rarely know what data is actually at risk.

Cyera fills that gap by enriching tools across your ecosystem with deep data and risk context, allowing you to prioritize risks more effectively and take actions with higher confidence.

Recent integrations include:

• AWS Security Hub receives Cyera findings so teams can see data risk alongside other cloud security signals.
• Upwind, Clutch, Atlan, and Euno bring Cyera context into posture, non-human identity, catalog, and lineage workflows, helping teams triage faster and track sensitive data end to end.
• Grip Security and Reco AI are enriched with Cyera’s data classification and labels. Grip uses that context to visualize exposure and prioritize risk by data sensitivity. Reco uses it to improve the accuracy of real-time threat detection.
• Zafran and imPAC leverage Cyera’s data classification to prioritize vulnerabilities based on actual data risk. imPAC also enriches assets to enable enforceable and auditable cloud security controls.

All of these integrations are generally available for existing Cyera customers. Learn more here. 

AI Security Readiness Assessment: build the foundation before risks materialize

AI adoption is moving faster than most governance programs. Security teams often discover gaps only after an agent is in production, a shadow AI tool is in use by complete departments, or a control fails during an audit.

Cyera’s AI Security Readiness Assessment helps organizations establish a secure foundation for AI success before risks materialize. Cyera experts evaluate security and governance controls across the AI lifecycle to determine how mature the program is today, and what is required to scale safely.

The assessment examines operational maturity across key dimensions:

• Policy & standards
• Implementation
• Monitoring & measurement
• Improvement
• Deployment readiness

The outcome is a clear baseline and an actionable roadmap that helps teams deploy high-value AI use cases faster with the right controls in place.

The AI Security Readiness Assessment is available now. Learn more here. 

Security that moves at the pace of AI

AI continues to expand the ways sensitive data gets accessed, moved, and exposed. The need to see what is happening in real time, understand it in context, and act on it quickly and confidently is critical for safe adoption at enterprise scale.

With its recent product innovations, security teams can now:

• Govern agent access paths with a living view of agent anatomy
• Reduce alert fatigue by prioritizing repeatable DLP exposure patterns
• Enforce retention and reduce stale data exposure with retention policies grounded in classification
• Push risk signals and classification context into the tools where triage and remediation happen
• Establish an AI readiness baseline and roadmap before risks scale

If you want to see how these capabilities work together in your environment, request a demo today.