Mimecast Expands Incydr with Runtime Data Security for AI and Human Risk

The rapid adoption of generative‑AI agents in Fortune 500 enterprises has created a blind spot for traditional security stacks, which were built around human‑centric threats. Mimecast’s extension of Incydr into runtime data security directly addresses this gap by extending visibility beyond email and collaboration tools to include endpoint activity, browser sessions, and AI‑driven workflows. By treating agents as first‑class entities, the platform can surface data‑exfiltration attempts that would otherwise slip through legacy controls.

At the heart of the upgrade is a unified risk engine that scores both people and autonomous agents on more than 250 indicators, from anomalous data access to unsanctioned MCP connections to critical SaaS platforms such as Snowflake and Salesforce. The solution also maps exactly which agents touch sensitive categories—PII, source code, financial records—enabling security teams to quantify an agent’s blast radius and apply granular policies. Shadow‑AI detection flags tools like DeepSeek or user‑built LLM pipelines that operate outside approved vendor lists, reducing the attack surface introduced by “shadow” applications.

The Agent Risk Center builds on these capabilities by consolidating disparate alerts into a single interface and linking each finding to automated response playbooks. Integrated remediation can block access, notify users, create tickets, or generate compliance reports without manual intervention, dramatically shrinking response times. Governance scorecards and department‑level heatmaps give CISOs a continuous view of policy coverage and risk posture, supporting audit readiness and strategic risk mitigation. As AI agents become ubiquitous, solutions that blend insider‑risk management with AI‑aware controls are poised to become a baseline requirement for enterprise security programs.