Cyberhaven expands AI security to track shadow agents

Cyberhaven has expanded its Unified AI & Data Security Platform to cover autonomous AI agents across enterprise workflows. The update comes amid a sharp rise in the use of AI-native applications and coding assistants on corporate endpoints.

The company has introduced a new Agentic AI Security offering, an Analyst Plugin for AI assistants including Claude Code and Codex, and a standalone browser extension for ChromeOS, contractor devices and unmanaged endpoints.

The changes target what Cyberhaven describes as "shadow agents" - AI systems operating outside the visibility and control of security teams. Many existing security tools focus on cloud-based AI services and offer limited visibility into agents running locally in developer tools, integrated development environments and desktop applications.

According to Cyberhaven Labs, enterprise adoption of endpoint-based AI-native applications has risen 509% over the past year, while adoption of coding assistants has increased 357%. As those tools take on more autonomous tasks, they are gaining broader access to data and internal systems.

That shift matters because locally running agents can inherit employee identities and permissions, giving them access to sensitive information and the ability to act across production systems. Cyberhaven's latest products are designed to help security teams discover those agents, monitor their activity and apply policy controls at runtime.

Three layers

The new Agentic AI Security product is structured around three layers: discovery, observability and controls. The discovery layer is designed to maintain an inventory of AI agents, generative AI applications and MCP servers across an organisation, including agents running on endpoints, and to assign risk scores across five dimensions.

The observability layer focuses on reconstructing the execution lifecycle of each agent interaction, including the data accessed, tools invoked, actions taken and multi-turn conversation context. The controls layer is intended to apply policy guardrails at the prompt and response level, with user-facing explanations instead of generic block messages.

A common thread across the platform is data lineage, which links an agent's actions to the data involved, its origin, its contents and where it moved afterward. Cyberhaven says this gives analysts more context when reviewing incidents.

"The way enterprises use AI has fundamentally shifted," said Nishant Doshi, chief executive officer of Cyberhaven. "AI is no longer just generating content. It is executing work. These agents have access to data, tools and systems, operating with a level of autonomy the industry has not seen before. Most governance programs still focus on what users type into AI, not on what AI agents are actually doing. Security has to operate in real time, at the point where AI is taking action. That is what Cyberhaven is addressing with today's launch."

The Analyst Plugin is one of the more workflow-focused additions. It brings Cyberhaven's security signals into AI assistants and other MCP-compatible clients, with more than 40 pre-built security skills and more than 20 analysis agents for tasks such as incident triage, generative AI exposure analysis, user risk profiling and executive reporting.

The plugin also supports actions within analysts' existing workflows, including closing duplicate incidents and carrying out triage decisions. That reflects a broader push across the security software market to embed investigation and response tools directly into analysts' existing work environments rather than requiring them to switch between multiple systems.

Endpoint reach

The standalone browser extension extends Cyberhaven's data loss prevention approach to devices that may not run a full endpoint sensor. It can monitor uploads, downloads and copy-and-paste activity with content inspection, and is managed through the same interface used for endpoint deployments.

That may broaden coverage for organisations working with contractors, mixed device estates and systems outside standard corporate management. Browser-based monitoring has become more relevant as work shifts between managed laptops, personal devices and lightweight operating environments such as ChromeOS.

Cyberhaven framed the launch around a governance gap created by the speed of AI adoption in businesses. As generative AI tools evolve into software agents that can take action rather than simply respond to prompts, security teams are under pressure to understand not just which tools employees use, but what those tools are doing and what data they can access.

Saro Subbiah, senior vice president of engineering at Cyberhaven, said this lack of visibility is now a common concern among security leaders. "Every CISO is wrestling with the same blind spot: they don't know which AI agents are operating in their environment, let alone what data they're touching," said Subbiah. "Our Agentic AI Security leverages the data lineage foundation we have perfected over the years, providing the context that makes the difference between an alert and a successful investigation."