Cyberhaven Launches Agentic AI Security to Govern Shadow Agents
The endpoint is becoming the new control plane for AI execution, and Cyberhaven is positioning itself to secure it. The company announced an expansion of its Unified AI & Data Security Platform with Agentic AI Security, designed to govern autonomous AI agents running across enterprise environments. This addresses what security teams are increasingly calling "shadow agents" — AI systems operating outside traditional visibility and control.
According to the company's official press release, enterprise adoption of endpoint-based AI agents has grown by 276% over the past year. That's more than triple the growth rate of GenAI SaaS tools. Meanwhile, adoption of endpoint coding assistants more than doubled in 2025, jumping from 20% to 50%. The numbers tell a clear story: AI is no longer just generating content. It is executing work.
Most existing AI security solutions were built to answer questions like "Who is using ChatGPT?" or "What data is being shared with Google Gemini?" Those questions are no longer sufficient. Security teams now need to answer: What agents are running on endpoints? What data are they accessing? What actions are they taking? Until today, they could not.
The new Agentic AI Security platform introduces three integrated layers. Discovery provides a continuously maintained inventory of new and emerging AI agents, GenAI applications, and MCP servers across the enterprise, including shadow agents running locally on endpoints, with Risk IQ scores across five dimensions. Observability reconstructs the full execution lifecycle of every agent interaction: the data accessed, the tools invoked, the actions taken, and the complete multi-turn conversation context. Controls enforce runtime policy guardrails at the prompt and response level, replacing generic block pages with plain-English explanations that coach users toward sanctioned behavior rather than simply blocking them.
Data lineage makes this possible. Where other agentic security tools report what an agent did, Cyberhaven connects every agent action to the data it touched, where that data originated, what it contained, and where it went next. That is the difference between an alert and an investigation, which is exactly what security teams have been asking for.
"Every CISO is wrestling with the same blind spot: they don't know which AI agents are operating in their environment, let alone what data they're touching," said Saro Subbiah, SVP of Engineering at Cyberhaven. "Our Agentic AI Security leverages the data lineage foundation we have perfected over the years, providing the context that makes the difference between an alert and a successful investigation."
Two additional product releases expand these capabilities. The Cyberhaven Analyst Plugin embeds security signals and workflows directly into AI assistants such as Claude Code, Codex, and other MCP-compatible clients. The plugin includes more than 40 pre-built security skills and over 20 specialized analysis agents that automate multi-step tasks like incident triage, GenAI data exposure reviews, user risk profiling, and executive-level reporting. It can also close duplicate tickets and implement triage decisions inside existing analyst workflows.
The Standalone Browser Extension extends data loss prevention coverage to ChromeOS devices, contractor laptops, and other unmanaged endpoints without requiring an endpoint sensor. The extension traces uploads, downloads, and copy-paste operations with content inspection and is managed through the same console used for traditional endpoint deployments. This gives CISOs a unified view of data flows across managed and unmanaged environments.
This matters because the friction of security now happens on the surfaces where developers actually work: the IDE window where code is written, the browser tab where data is pasted, the terminal where commands execute. Those are also the surfaces where shadow agents operate. Traditional security tools sit behind the scenes, logging events after they happen. Cyberhaven's approach puts controls directly into those workflows, which means the guardrails appear in real time as the agent takes action.
Strategically, these releases position Cyberhaven as an early mover in securing the rapidly expanding ecosystem of AI agents that often inherit employee identities and gain high-privilege access to production systems. By combining agent discovery, behavioral observability, and data-centric controls in a single platform, Cyberhaven aims to help enterprises embrace AI-driven productivity while reducing the risk of shadow agents, data exfiltration, and compliance violations.
Independent reporting from TipRanks corroborates the core announcement details, though it cites slightly different growth figures (509% for endpoint AI-native apps versus the 276% in the official press release). This discrepancy highlights how rapidly the landscape is shifting — even the numbers themselves are moving targets.
Whether enterprises actually adopt these controls at scale remains the real question. Security tools that add friction to developer workflows often face resistance, regardless of how elegant the guardrails are. The market will decide if Cyberhaven's approach of coaching rather than blocking strikes the right balance.
Artūras Malašauskas is an AI Systems Integrator with 20+ years of production-grade web engineering experience. He has designed, shipped, and scaled enterprise Python/PHP systems for logistics, SaaS, and public-sector clients. For the past year, he has focused exclusively on AI integrations: deploying open-source LLMs, building generative media pipelines (image, audio, video), and engineering multi-agent workflows for real production environments. His standard: reproducibility, security, cost-efficient inference—no vaporware. He documents and evaluates emerging AI tooling, separating verified capabilities from marketing noise. Technical editor at: muza-ai.eu, ai-verslas.lt, ai-naujinos.lt