Mimecast Incydr Adds AI and Human Risk Data Security

A significant new attack surface has emerged for enterprise data security, driven by the rapid adoption of AI agents. While a vast majority of large corporations now deploy these autonomous tools, only a small fraction have fully secured them. This gap creates a critical vulnerability, as AI agents access and share sensitive data through pathways like MCP-connected workflows and user-built automations that traditional security tools cannot monitor. Mimecast is addressing this challenge head-on with a major expansion of its Incydr data security platform, now engineered to provide runtime data security that governs both human and AI-driven risk in real time.

The core philosophy behind this evolution is a shift from intent-based detection to a more contextual approach. “The human behind the agent is the signal that changes everything,” explains Rob Juncker, Mimecast’s Chief Product Officer. He emphasizes that effective security requires understanding who deployed an agent, their historical risk profile, and how data is moving across the entire digital environment to determine the necessary intervention. This represents a fundamental rethinking of the problem as one of runtime data security, not merely a model security issue.

Building on its established foundation for preventing insider threats, Incydr’s new capabilities extend its adaptive protection into this broader arena. The expansion unifies endpoint and browser intelligence with Mimecast’s email and collaboration security, providing complete ingress-to-egress data visibility. This holistic view tracks data movement across every critical vector, from endpoints and SaaS applications to AI tools and MCP connections.

Key new functionalities are designed to close the security gap created by autonomous agents. The platform now delivers unified human and agent visibility in a single pane of glass, alongside purpose-built detection for shadow AI and unsanctioned agents. Its adaptive risk engine continuously scores both users and AI agents based on behavior, policy violations, and data access. Furthermore, granular data-to-agent access mapping allows security teams to see exactly which tools are handling sensitive categories like customer PII or source code, enabling them to control the potential blast radius. A comprehensive policy-driven governance framework rounds out these controls, allowing for classification and enforcement across all AI tools and agents.

To operationalize these insights, Mimecast is previewing the Agent Risk Center. This new console solves a critical investigation problem, where a single data loss incident might involve an employee, a commercial AI agent, and a user-built tool, with signals scattered across different systems. The Agent Risk Center consolidates this fragmented picture and connects every finding directly to actionable response.

Its engineered capabilities include an anomaly detection engine for risky agent behavior, automatically flagging patterns like unsanctioned tools accessing production databases. Governance scorecards provide CISOs with a continuous measure of their organization’s posture across four key dimensions. Department-level risk heatmaps offer visual analytics for targeted intervention, and integrated remediation workflows ensure every risk finding can trigger immediate action, from blocking access to generating compliance reports, all within a unified interface.

Mimecast is showcasing the Agent Risk Center at RSAC 2026, with an Early Access program anticipated for September. This expansion positions Incydr as a critical solution for organizations needing to secure their data in a landscape where both people and the agents acting on their behalf represent evolving risks.