The 12 Cybersecurity Platforms at the Age of AI (Part 4)
AI’s impact is most profound in platforms centered on data and content security.
Hello Cyber Builders 🖖
It has been a few weeks since the last issue of Cyber Builders. I’ve been busy building! But rest assured, we are continuing our journey into the 12 Cybersecurity Platforms and AI impacts in them. In previous parts, we explored how AI is enhancing 9 cybersecurity platforms, such as Network Security and Endpoint Detection and Response.
We’re wrapping up this series by looking at the three platforms most changed by AI. These platforms handle what people create, communicate, and trust—the softer side of cybersecurity. As we move forward, let’s examine how these areas differ from the more technical security platforms discussed earlier.
Think about it: text, images, conversations, and decisions. Data that can be leaked, manipulated, or mimicked. Threats that use persuasion, not just payloads. That’s the space of Data Security, Fraud Detection and Transaction Security, and Resiliency Platforms.
Each of these areas is already changing. Vendors are experimenting with generative AI, using it for tasks such as automated data classification, behavior-based fraud detection, and adaptive response simulations.
If you have not read the first three parts, I encourage you to review them.
AI’s impact is most profound in platforms centered on data and content security.
Recently, I explored how AI is being used in network security and SOC enablement platforms. These technical platforms have primarily leveraged AI’s generative capabilities to enhance user experience. Previously, users had to learn complex configuration or query languages like Cisco IOS or Microsoft KQL—skills often celebrated with well-known certifications. Now, AI makes it possible for anyone to simply express their intent and have the system generate the appropriate query or configuration automatically.
Data-oriented platforms have a core input: human-generated content—documents, conversations, and business processes (such as continuity plans). Unlike cybersecurity platforms focused on configuration and queries, data-centric platforms are fundamentally shaped by the people who create and exchange “content” every day.
Generative AI changes this landscape. By processing and creating human content, these platforms can automate classification, collaboration, and interpretation of unstructured data. This drives major productivity gains as AI takes over manual review and tagging, making organizations more agile and precise.
Now, let’s take a closer look at how these changes are unfolding on various platforms, beginning with data security.
Data Security
Data is leaking at an unprecedented rate as constant connectivity increases risk. Vendors are embedding AI into data protection platforms to reduce blind spots, detect misuse in real time, and remediate exposures autonomously. They are also addressing AI as a potential threat by adding features to detect sensitive data leakage on AI websites such as ChatGPT and DeepSeek.
For example, Proofpoint has enhanced its Data Security Posture Management (DSPM) with an AI-powered layer that unifies DLP, DSPM, and insider controls under a single policy engine. Their “Nexus AI” classifiers ingest context to spot sensitive data with far greater precision than legacy systems. Proofpoint’s DSPM also visualizes data lineage, maps over-permissioned access, and recommends guided remediation. In many cases, you can remove risky permissions or lock down data stores with a single click. Proofpoint
In its Microsoft 365/Copilot integration, Proofpoint detects when sensitive data may be used in AI prompts and ensures that AI workflows access only sanitized or properly labeled information. Proofpoint
On Microsoft’s side, the illegitimate use of AI is seen as a threat. Microsoft updated Purview DSPM into the AI domain. Their DSPM for AI module gives you visibility into how employees use Copilot, ChatGPT, and other generative AI tools with sensitive data—and allows you to create policies to capture or block risky prompt content. Microsoft Learn
Purview DSPM for AI also provides real-time risk assessments of AI interactions, suggests correctional policies, and classifies sensitive content sent through third-party AI apps using browser extensions or network inspection. Microsoft Learn. DSPM for AI will use NetFlow or egress monitoring to track where sensitive data is going. This helps admins examine networks, spot exfiltration, and adjust rules as needed. (Technet)
Netskope is also layering AI into data protection by folding DSPM into Netskope One and extending its collaboration with Microsoft. With their integration into Microsoft Purview, Netskope can apply Purview DLP policies to broader network traffic and SaaS interactions—not just within Microsoft apps—and detect AI-generated data flows. (Netskope). Their Netskope One DSPM solution offers continuous, real-time visibility into sensitive data posture, flags risky interactions or misconfigurations, and helps security teams unify data governance across SaaS, cloud, and network layers. Netskope
Fraud Detection & Transaction Security
Fraud is becoming more sophisticated through AI augmentation, but defensive tools are evolving as well. Platforms now use advanced AI to detect subtle misuse, reduce false positives, and ensure legitimate transactions proceed smoothly.
Mastercard’s Decision Intelligence Pro is a standout example. This generative-AI-enhanced version of their transaction decisioning system analyzes up to one trillion data points, combining purchase history, device data, merchant relationships, and more to decide in milliseconds whether a transaction is genuine.
Thanks to this, banks using Mastercard’s network can spot compromised cards earlier, approve more legitimate transactions, and reduce the cost and friction of fraud. Mastercard
Ping Identity’s PingOne Protect tackles fraud at every step of the user journey. It combines identity, behavior, and device signals to assess risk and stop fraud early, all while keeping the user experience smooth. The system monitors device telemetry, network, and browser context, behavioral patterns, bot indicators, and more. Based on this, it assigns risk scores and takes the right action.
Feedzai offers a real-time risk-scoring and fraud-detection platform that operates across payments, retail, and banking channels. Their system uses machine learning models to evaluate transactions, detect anomalies, and adapt to evolving fraud patterns. They support multiple payment types, geographies, and channels—all through a single AI-driven platform that constantly learns and evolves. Feedzai
Sardine’s AI Risk Platform blends device intelligence, behavioral biometrics, and contextual data—from email and SSN patterns to geo and banking signals—to spot fraud as it happens. A neobank would cut its fraud rate while leveraging Sardine’s AI-driven detection capabilities. Device and behavior signals were pivotal. sardine.ai
Resilience Platform
Rubrik’s recently introduced Agent Rewind enables enterprises to “rewind” missteps made by AI agents across data, configuration, and workloads. It captures full context: prompts, memory states, tool usage, root-cause mapping, and offers selective rollback to a clean state—without full downtime or massive restores. Rubrik
When an autonomous agent accidentally deleted production data, Rubrik’s technology traced the prompt, isolated the change, and reversed the action—all while maintaining other operations intact. This shifts a backup/recovery platform from simply “store and restore” to “observe, audit, and rewind” in real-time when AI operations go off-script. Blocks and Files
Cohesity’s Data Cloud platform has embedded GenAI and RAG (retrieval-augmented generation) capabilities through tools like Gaia and the new “cyber recovery assistant”, enabling smarter incident response and recovery workflows. wwt.com
The system allows users to ask natural-language questions of their backup data, detect anomalies, trace threat activity, and execute recovery blueprints with AI guidance. For example, during a ransomware event, the platform can scan snapshots for signs of infection, help isolate affected data, and then restore from the cleanest point, all guided by AI-driven insights. Cohesity
Conclusion
Looking forward, the role of AI in resiliency platforms is expected to evolve rapidly. With predictive features, these platforms promise to anticipate potential threats before they occur, enabling preemptive measures to mitigate risks.
To truly protect data, fight fraud, and ensure resilience, platforms must use AI to reduce complexity and provide smarter, more adaptive responses. This dual focus is essential for both immediate and long-term security.
In my last post of the series, I will wrap up the impact of AI on the 12 Cybersecurity platforms.
Let me know what you think—it is a conversation!
Laurent 💚
Was happy to see issue 4. Thanks, I am still getting caught up but good read!