SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Devvret rishi x annekagupta
#
Data Protection
#
DR
#
PAM

Rubrik deepens identity security & AI governance push

Mon, 23rd Mar 2026
Author image
By Joseph Gabriel Lagonsin, News Editor

Rubrik has launched an integration with Microsoft Defender and introduced its Semantic AI Governance Engine, expanding its focus on identity security and AI oversight.

The Microsoft integration connects Defender's identity threat detection with Rubrik's identity rollback and recovery tools. The second announcement centres on SAGE, a governance engine for AI agents that uses a small language model to interpret policies and trigger remedial action when needed.

Identity response

The integration is aimed at organisations facing identity-based attacks across hybrid environments. It allows joint customers to investigate incidents by matching threat alerts with identity changes, reverse malicious modifications and restore systems to what Rubrik describes as a trusted state.

Rubrik argues that many security products can identify attacks but still leave remediation to security teams. It cited research from Rubrik Zero Labs showing that 90 per cent of IT and security leaders view identity-driven cyberattacks as their organisation's top concern.

Anneka Gupta, Chief Product Officer at Rubrik, said the company is trying to close that gap. "Detection is only half of the battle," Gupta said. "Organisations need the ability to quickly and surgically reverse malicious identity changes and completely restore their infrastructure. By combining Microsoft Defender's threat detection with Rubrik Identity Resilience, we give security and IAM teams the power to move from a detected compromise to a trusted, recovered state in hours, instead of days."

Rubrik says the product can restore identity states using immutable recovery points while maintaining visibility across Active Directory and Entra ID. Customers can also reverse malicious identity changes without carrying out full domain restores.

The launch builds on a broader push into identity resilience. Over the past 15 months, Rubrik has added recovery for Active Directory and Entra ID, expanded protection to multiple identity providers including Okta, and integrated with CrowdStrike Falcon Identity Protection as well as Microsoft Defender.

AI Governance

The second announcement focuses on managing autonomous AI agents, an area where companies are trying to set rules for how software agents access systems and act on data. Rubrik says SAGE is intended to replace fixed, rule-based oversight with policy interpretation that understands meaning and context in natural language.

According to the company, older governance tools depend on deterministic rules that struggle with the less predictable actions of AI agents. SAGE is designed to interpret the intent behind a policy rather than rely on keyword matching alone.

In practice, that means a policy written in plain language can be translated into machine logic and applied in real time. The engine can also identify ambiguous guardrails and recommend refinements before violations occur.

Devvret Rishi, General Manager of AI at Rubrik, said the product reflects a shift in how companies will manage AI agents. "SAGE marks a pivotal moment in AI security as we shift the focus from if agents can be deployed to how they can be governed at scale," Rishi said. "With SAGE, we can move beyond simple monitoring to a future where AI helps us govern AI agents. Now, we give CISOs the guardrails they need to let their AI agents run at full speed without compromising the security and integrity of the enterprise."

Rubrik says SAGE also works with a feature called Agent Rewind, which is intended to undo destructive actions by agents and restore data integrity. The company presented this as a response to concerns that AI systems can make changes at a speed and scale that are difficult for administrators to track manually.

Benchmark claims

Rubrik also disclosed benchmark results for its custom small language model against OpenAI's GPT-5.2. It said the model processed messages five times faster, detected violations more accurately and reduced the computing overhead associated with real-time monitoring.

The announcement did not include fuller methodological detail, but the comparison supports Rubrik's argument for using a smaller, domain-specific model rather than a general-purpose large language model for AI governance tasks.

Taken together, the two launches show Rubrik pushing further beyond backup and recovery into operational security products tied to identity systems and AI controls. The Microsoft integration is intended to shorten recovery times from days to hours, while SAGE is designed to give administrators direct, real-time oversight of autonomous agent behaviour.

Related stories
Anthropic launches Claude Opus 4.7 with stronger coding
CIQ launches Linux compliance platform ahead of deadlines
Your.Cloud acquires Pure Cloud Solutions in UK push
Emerson & OPSWAT strike global reseller deal for OT patching
OVHcloud adds Quandela Belenos quantum computer to platform

Top stories

Team Cymru launches Total Insights Feeds for threat data
FIRST conference highlights AI & CVE disclosure push
Protegrity launches AI Team Edition for secure inferencing
CERN joins OpenSearch foundation as associate member
OpenAI launches Trusted Access for Cyber with major names