Cyberhaven Solves the 509 percent Surge in Shadow AI

Cyberhaven empowers security analysts with an extensible platform and workflow-native capabilities built to govern the surge of agents in the enterprise

MOUNTAIN VIEW, CA – May 5, 2026 – Cyberhaven today announced an expansion of its Unified AI & Data Security Platform to govern autonomous agents and protect data across enterprise workflows. This announcement introduces Agentic AI Security, which enables security teams to discover, monitor, and control AI agents; the Analyst Plugin, which turns every analyst into a power user by embedding Cyberhaven's intelligence into AI assistants such as Claude Code and Codex; and a Standalone Browser Extension that extends data loss prevention to ChromeOS, any browser-capable contractor device, and unmanaged endpoints.

Enterprise AI Agent Adoption is Accelerating

AI is rapidly shifting from chat-based tools to autonomous agents operating on endpoints. According to Cyberhaven Labs research, enterprise adoption of endpoint-based AI-native apps has grown 509% over the past year, and enterprise adoption of coding assistants has jumped 357% year over year. These agents are being given increasing access to data and systems, unlocking productivity gains while introducing a largely unaddressed governance challenge: shadow agents, AI systems operating outside enterprise visibility and control.

“The way enterprises use AI has fundamentally shifted,” said Nishant Doshi, CEO of Cyberhaven. “AI is no longer just generating content. It is executing work. These agents have access to data, tools, and systems, operating with a level of autonomy the industry has not seen before. Most governance programs still focus on what users type into AI, not on what AI agents are actually doing. Security has to operate in real time, at the point where AI is taking action. That is what Cyberhaven is addressing with today’s launch.

Agentic AI Security: Govern Shadow Agents Across the Enterprise

Most security tools built for cloud-based AI are blind to agents running locally on endpoints in developer tools, integrated development environments (IDEs), and desktop applications. These shadow agents often inherit employee identity, gain access to sensitive data, and can execute bulk operations across production systems.

Cyberhaven’s Agentic AI Security addresses this through three integrated layers:

• Discovery provides a continuously maintained inventory of new and emerging AI agents, GenAI applications, and MCP servers across the enterprise, including shadow agents running locally on endpoints, with Risk IQ scores across five dimensions.
• Observability reconstructs the full execution lifecycle of every agent interaction: the data accessed, the tools invoked, the actions taken, and the complete multi-turn conversation context, so violations that unfold across multiple steps surface automatically.
• Controls enforce runtime policy guardrails at the prompt and response level, replacing generic block pages with plain-English explanations that coach users toward sanctioned behavior rather than simply blocking them.

Data Lineage makes this possible. Where other agentic security tools report what an agent did, Cyberhaven connects every agent action to the data it touched, where that data originated, what it contained, and where it went next. That is the difference between an alert and an investigation.

"Every CISO is wrestling with the same blind spot: they don't know which AI agents are operating in their environment, let alone what data they're touching," said Saro Subbiah, SVP of Engineering at Cyberhaven. "Our Agentic AI Security leverages the data lineage foundation we have perfected over the years, providing the context that makes the difference between an alert and a successful investigation.

Product Releases Expanding Agentic AI Security Capabilities 

• Cyberhaven Analyst Plugin: Turns every analyst into a power user by bringing Cyberhaven's security signals directly into Claude Code, Codex, and any MCP-compatible client. The plugin ships with more than 40 pre-built security skills and more than 20 specialized analysis agents that run complete, multi-step workflows for incident triage, GenAI exposure analysis, user risk profiling, and executive reporting, with skills that can also close duplicate incidents and execute triage decisions inside the analyst's existing workflow.
• Standalone Browser Extension: Extends data loss prevention to ChromeOS, contractor devices, and unmanaged endpoints with no endpoint sensor required. Traces uploads, downloads, and copy-paste activity with content inspection applied, and is managed through the same interface used for endpoint deployments.

To learn more and register for today’s live launch event, visit https://events.cyberhaven.com/agentic-ai-launch/.