The expansion introduces runtime data security to monitor data exposure from employees and AI agents across email, SaaS and web environments.
Global cybersecurity firm Mimecast has announced an expansion of its Incydr technology to address data security risks associated with the use of AI agents. The update, which includes a preview of the new Agent Risk Center, was presented at the RSAC Conference 2026.
These features are designed to provide runtime data security by detecting and managing data exposure in real-time, whether initiated by employees or automated agents.
AI agents often interact with sensitive information through channels that traditional security monitoring may not cover, such as MCP-connected workflows and user-built automations. The updated Incydr technology aims to provide visibility into these pathways across email, collaboration tools, and SaaS applications.
Rob Juncker, Chief Product Officer, Mimecast, stated: “Intent-based detection treats all agents equally. We don’t, because the human behind the agent is the signal that changes everything. Who deployed the agent? What do we already know about them? How is data moving across email, collaboration tools, browsers, SaaS apps, endpoints, and AI-driven workflows — and what intervention is required right now? That’s a runtime data security problem, not a model problem.”
The expanded capabilities focus on several technical areas. Unified Human and Agent Visibility provides a single view of risk across various platforms, including cloud applications and browser activity. Shadow AI Detection identifies unsanctioned AI tools or unauthorised MCP connections to production databases.
Furthermore, the platform uses a risk engine to assign scores to both human users and AI agents based on behavioural patterns and compliance posture.
The system also includes Granular Data-to-Agent Access Mapping, which allows security teams to see which agents are accessing specific categories of data, such as source code or financial records. This is supported by a governance framework that classifies AI tools as sanctioned or unsanctioned and manages acceptable use policies.
The Agent Risk Center is designed to consolidate fragmented data into a single experience. It utilises an anomaly detection engine to surface patterns, such as user-developed agents accessing non-sanctioned providers. It also provides governance scorecards to assess organisational posture across policy coverage and compliance.
Stay updated on crypto and AI by following our socials.
