Mimecast offers runtime data security for visibility and control of data exposure

Mimecast, a global cybersecurity leader in securing human and AI risk, today announced a major expansion of its Incydr offering with data security capabilities for the AI era with new features that help deliver runtime data security—a unified approach to detect, govern, and remediate data exposure, in real-time, whether the action comes from an employee or an agent acting on their behalf.

"Intent-based detection treats all agents equally. We don't, because the human behind the agent is the signal that changes everything," said Rob Juncker, chief product officer, Mimecast. "Who deployed the agent? What do we already know about them? How is data moving across email, collaboration tools, browsers, SaaS apps, endpoints, and AI-driven workflows—and what intervention is required right now? That's a runtime data security problem, not a model problem."

Mimecast’s Incydr technology has long helped organizations prevent insider-driven data loss through out-of-the-box visibility, intelligent detection via its PRISM risk engine (250-plus risk indicators), and adaptive response ranging from in-context education to real-time blocking. The new capabilities extend Incydr technology from insider-led data security into broader runtime data security for both human and AI-driven risk.

This expansion takes a new approach, combining Incydr endpoint and browser intelligence with Mimecast's email and collaboration security, delivering complete ingress-to-egress data visibility—covering the full path of enterprise data movement across endpoints, browsers, SaaS applications, AI tools, MCP connections, and email, the company said.

New and expanded capabilities are engineered to include:

• Unified human and agent visibility - A single view into data loss risk across employees and autonomous agents, spanning endpoints, cloud and SaaS applications, email, browser activity, commercial AI tools, MCP server connections, and user-developed agents.
• Shadow AI and unsanctioned agent detection - Purpose-built detection for unsanctioned AI usage, out-of-policy commercial agents, unauthorized MCP connections to production databases and critical SaaS platforms, and user-built agents operating on unapproved LLM providers or accessing production environments without security review.
• Adaptive risk scoring for people and AI agents - The Incydr risk engine now continuously scores both human users and AI agents based on behavioral anomalies, policy violations, high-risk data access, unsanctioned application usage, agent compliance posture, and exposure to critical systems and data sources (e.g., Snowflake, Stripe, PostgreSQL, AWS, Salesforce, GitHub).
• Granular Data-to-Agent access mapping - A clear view of which agents and tools access which categories of sensitive data—including customer PII, source code, financial records, internal communications, HR data, and infrastructure configurations.
• Policy-driven governance - A comprehensive governance framework for classifying and enforcing policy across all AI tools, commercial agents, MCP servers, and user-developed agents.

Additionally, the Mimecast Agent Risk Center is designed to connect every finding directly to action. Built-in agentic workflows automate the response chain—notifying users, escalating to managers, enforcing controls, and generating compliance reports—so teams act at machine speed, not human speed.

For more information about this news, visit www.mimecast.com.