Transcript
Today I'm joined by Ana. Ana, welcome. Thanks, Kelsey. This month's release is all about one thing, turning scattered security signals into operational context. That way teams can see what's happening, understand what matters, and then actually do something about it. Love it. So in this first bucket, we've got a new way to see how AI agents connect to identities, tools, and sensitive data, a trends view in Omni DLP that helps you spot recurring risky behaviors rather than one-off alerts, new data retention policies to reduce stale and over-retained data as part of data minimization, a wave of new integrations to bring Sierra's data intelligence into the tools teams already use, and an AI security readiness assessment to benchmark your maturity and build a clear roadmap. Let's start with a headline, AI agents. Everyone's building them, everyone's deploying them, and security keeps finding out after the fact. That's exactly why we introduced Sierra Agent Security Graph. It's their surveillance layer for agentic AI. It gives security teams a living, unified view of the anatomy of their agent, showing it how it connects identity, tool access, and data exposure so that you can see how agents reach, move, and expose sensitive data. Okay, so what am I actually seeing in the graph? You're seeing the full anatomy of an agent, so who can access it and who can trigger it, where it can be accessed like Slack or other interfaces your teams use, what knowledge it can pull from, like connected knowledge bases or databases, and what actions it can take once it has that access. That way you can continuously audit the gap between intent and behavior. Okay, now let's talk DLP. Teams are buried in alerts and worried that real leaks are still happening. What's the fix? Firstly, if you're investigating alerts one at a time, you'll never get ahead. It's all about the bigger story. That's why we built DLP Trends. Instead of thousands of seemingly unrelated alerts, you see a handful of behavioral trends across groups of users. This means you can identify and fix the root cause, like updating a policy or retraining a department, and stop repeat violations. So then I'm not just chasing the loudest alert anymore. It's more than that. We're mass-correcting patterns of unusual or risky user activity, like employees moving company IP into their personal chat GPT, or BCCing external users. It also surfaces content-based trends like PII, credentials, and customer records. And under the hood, we're using LLM-based detection to catch patterns that no one has thought to look for yet. And this includes ones unique to your organization. Okay, everyone knows they should clean up data they don't need or data that's past retention policy. How are we making this practical? We just launched data retention policies, which help find the data that's actually driving your risk, especially the stuff that's past retention or just sitting there stale. Instead of a blanket rule like delete anything seven years old, you can get really surgical. So could I say, show me regulated PHI that hasn't been touched in a year? Absolutely. We can also define file age and activity, like when it was created, last modified, and in some environments, last accessed. And for Microsoft users, we can also give you visibility into purview retention labels. We know security teams live in a lot of different tools, and not to brag, but Sierra has a lot of friends in the industry. Ana, can you tell me about a few of our new integrations? Definitely. Since most tools only see part of the picture, they don't always know what data is actually at risk. So we're bringing Sierra's deep data and risk context into additional platforms that you use every day. That way, your risk can be more accurately prioritized and result in faster and more confident actions. Last up, AI readiness. Everyone wants to ship AI features like yesterday, but people aren't feeling prepared. What are we doing to help? We launched the AI security readiness assessment. Sierra experts evaluate your entire AI lifecycle, from governance and infrastructure to data security. That way, you can establish a clear baseline before risks materialize. Got it. What's the takeaway from the assessment? You get a roadmap designed for action. This includes an executive maturity scorecard, a full gap analysis, and most importantly, a 12-month implementation plan with quick wins for the first 90 days. Okay, if you take away one thing from today, let it be this. Modern security isn't just about finding more risks. It's about having the clarity to finally fix them. Thanks so much for chatting with me today, Ana. Of course. Thanks so much for having me, Kelsey. And thanks to all of you for watching today. For the full technical deep dive on everything we covered, head on over to sierra.com slash the landing.
