Mimecast has announced a significant expansion of its Incydr platform, introducing new data security capabilities designed for the AI era, alongside a preview of its upcoming Agent Risk Center at the RSA Conference 2026. The update reflects a shift toward what the company describes as “runtime data security,” an approach focused on detecting, governing, and responding to data exposure in real time whether caused by employees or AI agents acting on their behalf.
The move comes as organizations increasingly adopt AI-driven tools and autonomous agents. According to Mimecast, while a large majority of Fortune 500 companies are already deploying AI agents, only a small portion have fully approved security frameworks in place. This gap has created a new and complex attack surface, as AI agents access and share sensitive information through channels that traditional security tools were not built to monitor, including automated workflows, third-party AI platforms, and unsanctioned “shadow AI” tools.
Mimecast’s latest enhancements extend the scope of Incydr beyond insider risk to cover both human and AI-driven threats. By combining endpoint and browser intelligence with email and collaboration security, the platform now offers full visibility into how enterprise data moves from initial access to potential exfiltration across endpoints, SaaS applications, AI tools, and communication channels. At the core of the update is an expanded risk detection and governance model. The platform now provides unified visibility into data exposure risks across employees and AI agents, enabling security teams to monitor interactions across cloud environments, browsers, and connected systems.
Mimecast has also enhanced its risk scoring engine to continuously evaluate both users and AI agents based on behavior, policy compliance, and access to sensitive data. This allows organizations to better understand which entities pose the highest risk and prioritize mitigation efforts accordingly. In addition, new mapping capabilities give security teams detailed insight into which agents are accessing specific categories of sensitive data, such as customer information, financial records, source code, and internal communications.
Alongside these enhancements, Mimecast previewed its Agent Risk Center, a centralized interface designed to unify visibility and response for AI-related risks. The solution consolidates fragmented signals such as employee actions, AI agent behavior, and data movement into a single operational view. It also integrates automated workflows that allow security teams to respond quickly by notifying users, escalating incidents, enforcing controls, and generating compliance reports.
The Agent Risk Center is expected to include advanced anomaly detection capabilities that identify risky behaviors, such as unauthorized access to production systems or the use of non-approved AI models. It will also provide governance scorecards to help organizations assess their AI security maturity, along with visual risk heatmaps that highlight exposure across departments and business units. With these developments, Mimecast is positioning itself to address a growing challenge in cybersecurity managing the intersection of human and AI-driven risk. As enterprises continue to expand their use of AI, the company emphasizes the need for integrated, real-time security approaches that can keep pace with increasingly complex data environments.Recommended Cyber News:
-
Cyware Unveils Agentic Fabric to Power AI-Driven Cyber Defense Workflows
-
Torq Unveils Agentic Builder to Automate SOC Engineering with AI-Driven Workflows
-
SentinelOne and Cloudflare Expand Partnership for Unified AI-Driven Threat Detection
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
