Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cyberhaven

LLM Access Controls and Audit Logging for Security Teams: A Practitioner's Guide

May 20, 2026 By Cyberhaven In Cyberhaven
Most organizations have an acceptable use policy for AI tools. Very few have controls that actually enforce it. The gap between what the policy says and what security teams can detect is where insider risk lives when it comes to large language model (LLM) usage.
Read Post

Your Browser Is Stealing Your Data Right Now

May 20, 2026 By Cyberhaven In Cyberhaven
In this video, you will learn how lightweight OS-level instrumentation binds lineage metadata to clipboard content the moment data is copied, how that tag survives edits, reformatting, and translation across applications, and how provenance-based policy replaces pattern matching with precision rules tied to the actual source of the data. You will also learn how pairing network tools with a browser extension captures user intent before encryption, eliminating the alert fatigue that buries real risk in noise.
View Video
cyberhaven

Why Legacy DLP Fails Against Agentic AI

May 19, 2026 By Cyberhaven In Cyberhaven
Security teams that deployed legacy DLP years ago built something real. The rules fire. The alerts go out. Compliance boxes get checked. The problem is not that those programs stopped working. It is that the threat moved, and the architecture did not. Agentic AI has introduced a class of data movement that legacy DLP was never designed to govern: autonomous, continuous, multi-step, and operating at machine speed across systems that static rules cannot enumerate in advance.
Read Post
cyberhaven

How to Measure the ROI of an Insider Risk Management Program

May 15, 2026 By Cyberhaven In Cyberhaven
Security leaders don't struggle to justify the need for insider risk management (IRM). They struggle to justify the budget. When the CFO or board asks why you're spending seven figures on a program to monitor your own employees, "because insider threats are real" isn't enough. Cyberhaven data shows office-based employees are 77% more likely to exfiltrate sensitive data than remote workers, and that risk spikes further during offsite logins and workforce transitions.
Read Post
cyberhaven

DSPM Buyer's Guide: 7 Criteria for Evaluating DSPM Tools

May 14, 2026 By Franklin Nguyen In Cyberhaven
Most data security posture management (DSPM) evaluations start with a deceptively simple question: where does our sensitive data live? There are many tools that answer that question. However, the number of tools that go further by tracking how data moves, enforcing controls when data leaves controlled environments, and closing the gap between visibility and action are far more limited.
Read Post
cyberhaven

Cyberhaven & Torq: Bringing AI-Powered Automation to IRM and DLP

May 14, 2026 By Iulia Stefoi-Silver In Cyberhaven
Sensitive data has become the target, the signal, and the source of risk in nearly every modern security program. Source code, customer records, intellectual property, credentials, and regulated data now move continuously across endpoints, cloud apps, SaaS platforms, browsers, collaboration tools, and GenAI applications. That movement is not inherently bad. It is how modern work gets done.
Read Post

Your Browser Is Leaking More of Your Company's Data Than You Think

May 13, 2026 By Cyberhaven In Cyberhaven
In this video, you will learn why agentic browsers like ChatGPT Atlas, Perplexity Comet, and Arc have turned the browser into a double agent inside your enterprise, how shadow adoption is bypassing MDM and endpoint controls in days, and why indirect prompt injection creates an attack surface your file-based DLP cannot see. You will also learn how data lineage replaces noisy content inspection with origin-and-destination tracking, so you can stop the leak without blocking the tools your business depends on.
View Video
cyberhaven

Visibility Is Not Enough: The Case for Control at the Endpoint

May 12, 2026 By Cyberhaven In Cyberhaven
Most security programs have more visibility than ever. Dashboards are full. Alerts are firing. And incidents are still happening. That contradiction is not a coincidence. It reflects something most security vendors have quietly avoided saying out loud: Visibility and control are not the same thing, and for a long time, the industry has been selling one while calling it the other.
Read Post
cyberhaven

How to Build an Agentic AI Governance Framework

May 11, 2026 By Cyberhaven In Cyberhaven
AI agents are already running inside your organization. They are accessing files, calling APIs, and executing multi-step workflows with no human reviewing each action. Most governance programs were not designed for this. They were built around policies for human users, controls for known data channels, and audits that happen after the fact. None of those structures were designed to govern systems that act at machine speed across every environment where data lives.
Read Post
cyberhaven

Endpoint AI Agents: The New Security Blind Spot

May 11, 2026 By Bruce Chen In Cyberhaven
Security teams that have invested in AI governance programs over the past two years face a problem that those programs were not designed to solve. The controls built to manage generative AI, network proxies, browser monitoring, and SSO enforcement work when data moves through defined channels. Endpoint AI agents do not move through those channels. They run locally, operate at the OS level, and access data through pathways that exist entirely outside your current visibility.
Read Post
cyberhaven

Cyberhaven Analyst Plugin: AI-Assisted Security Investigation in Claude Code and Codex

May 8, 2026 By Cole Padula In Cyberhaven
Security teams have a data problem. Not a shortage of data, but instead there is a growing data surfacing problem. The signals are there, the incidents are logged, and the classifications exist. But, getting from raw data to a prioritized action plan still requires close to an hour of manual querying, tab-switching, and context reconstruction, every single time. The Cyberhaven Analyst Plugin changes that.
Read Post
cyberhaven

Agentic AI Security: Visibility and Control for AI Agents at Work

May 7, 2026 By Kasi Annamalai In Cyberhaven
Security teams have spent years tracking what employees do with data. The harder problem now is tracking what agents do on their behalf. AI agents, whether running in an IDE, installed locally on a laptop, or connected to internal data through a model context protocol (MCP) server, operate with the permissions of the user who deployed them. They read files, query databases, call external APIs, and generate outputs. And in most enterprise environments, security teams have no reliable way to see any of it.
Read Post
cyberhaven

The Fastest-Growing AI Categories in the Enterprise Are Also the Riskiest

May 6, 2026 By Mick Jeon In Cyberhaven
Security teams often focus governance efforts on the most popular AI tools. But the real risk question isn't which tools employees use most. It's which tools are growing fastest and what data those tools can reach. New data from Cyberhaven Labs shows that the AI categories posting the largest year-over-year growth numbers are the same categories with privileged access to source code, credentials, customer contracts, and internal architecture.
Read Post
cyberhaven

Best Tools for Data Discovery and Classification in 2026

May 6, 2026 By Cyberhaven In Cyberhaven
Data discovery has fundamentally changed over the last two years. The question is no longer just "Where is our sensitive data?" Organizations that stop there have a map but no enforcement. The tools that actually reduce risk answer a harder set of questions: Where did the data come from? Where is it going? Who touched it? And can we stop it before it causes damage?
Read Post

What Your Data Loss Prevention Tool Misses Every Single Day

May 6, 2026 By Cyberhaven In Cyberhaven
In this video, you will learn why legacy DLP tools go blind when sensitive data is copy-pasted into generative AI tools, how Data Lineage fingerprints information at its origin to track it across transformation within an environment, and how operating system-level monitoring eliminates the encryption blindness that limits browsers and firewalls. You will also see how to build context-aware paste policies that allow productive AI use while blocking high-risk data flows from sources like source code repositories, Salesforce, and internal wikis.
View Video
cyberhaven

Standalone Browser Extension: Data Security Without the Endpoint Agent

May 6, 2026 By Ben Crocker In Cyberhaven
Most enterprise data security tools are built for a world where IT owns and manages every device. That world no longer exists. Contractors work from personal laptops. Entire teams run ChromeOS. Frontline workers access corporate systems through shared or unmanaged devices. And every one of those browser sessions can involve uploads, downloads, copy-paste, and form inputs touching sensitive data.
Read Post
cyberhaven

How to Deploy DSPM Across Multiple Cloud Environments

May 4, 2026 By Cyberhaven In Cyberhaven
Most enterprises are not running on a single cloud. The vast majority of organizations now operate in hybrid or multi-cloud environments and sensitive data follows wherever workloads go. Regulated files end up in S3 buckets. PII lands in BigQuery development tables. Source code copies into Azure Data Lake repositories that no policy anticipated. The problem is not that organizations chose to spread data across clouds. The problem is that most security programs were not built to track it.
Read Post
cyberhaven

DLP Buyer's Guide: 8 Criteria for Evaluating Data Loss Prevention Solutions

May 4, 2026 By Cyberhaven In Cyberhaven
Every DLP evaluation starts with the same frustration: The tools that dominated the market a decade ago were built for a threat landscape that no longer exists. Sensitive data now moves across SaaS platforms, AI tools, encrypted messaging apps, and personal cloud accounts, often in ways no file-level policy can follow. If you are evaluating DLP for the first time or replacing a tool that has underdelivered, this guide gives you the framework to ask the right questions and recognize the right answers.
Read Post
cyberhaven

The Three Pillars of Durable Data Security: Presence, Lineage, and AI

May 1, 2026 By Cyberhaven In Cyberhaven
Every security vendor now claims artificial intelligence (AI) capabilities. Foundation models are becoming increasingly interchangeable, and the gap between what vendors promise and what programs actually deliver is widening. The question worth asking is not which vendor has the best model. It is: what is the model running on? The answer to that question determines whether a data security program hardens over time or requires constant manual maintenance.
Read Post
cyberhaven

How DSPM Improves Compliance for Enterprises

May 1, 2026 By Cyberhaven In Cyberhaven
Regulatory compliance is one of the most operationally expensive obligations security and legal teams carry. GDPR, HIPAA, CCPA, PCI DSS, and CMMC all require organizations to demonstrate, on demand, that they know where regulated data lives, who can access it, and how it is protected. Most enterprises struggle to meet that standard because they are trying to answer a continuous question with a periodic process.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.