Mimecast adds AI investigation and adaptive controls to manage human risk

Mimecast has announced major platform capabilities designed for a new enterprise reality as AI agents and automated workflows scale across the business and establish the human layer as the new security control plane.

According to Mimecast’s The State of Human Risk 2026, 98% of organizations now use AI to defend against threats, yet 80% are concerned about sensitive data exposure through generative AI tools and 60% still lack strategies to address AI-driven threats. At the same time, the number of actively deployed AI agents worldwide is set to grow significantly over the coming years.

The proliferation of AI across businesses is exposing new pathways for data leakage, impersonation, insider risk, and policy drift. Mimecast’s latest platform enhancements help security teams meet that challenge with adaptive controls, AI-powered investigation, and open ecosystem integrations that secure how employees and AI tools interact in real time.

“Every AI agent, every automated workflow ultimately depends on a human to direct it, approve its actions, and govern its behavior,” said Ranjan Singh, Chief Product and Technology Officer at Mimecast. “That means the enterprise AI era will not be secured by isolated tools or static policies. It requires a connected platform that can understand behavior, detect risk, protect sensitive data, and adapt controls in real time. That is exactly where Mimecast is focused.”

Mimecast helps enterprises move beyond disconnected point products and protect the spectrum of human risk across email, collaboration, identity, insider activity, and generative AI usage. The following enhancements deliver on that vision with measurable improvements in detection accuracy, data protection, and policy enforcement.

Investigate at machine speed and respond using AI and adaptive controls

Mimecast data shows that just 8% of employees account for 80% of security incidents, yet only 28% of organizations coordinate security training with continuous monitoring. These capabilities ensure simplicity in the workflows that close that gap.

• Automated, adaptive security policies: The Mimecast platform now allows more flexibility to automatically adjust security controls based on individual user risk levels, leveraging insight from the Human Risk Command Center. High-risk users receive tighter controls instantly, low-risk users maintain productivity. Security policies evolve with behavior rather than waiting for manual intervention.
• AI-powered investigation and response: The new Mimecast Mihra Investigation Agent saves security teams valuable time by synthesizing events, summarizing findings, and recommending actions to resolve incidents and improve response times. It’s the latest in a growing suite of Mimecast Mihra Agents designed to help customers proactively identify, assess, and prevent threats.
• Streamlined incident response workflows: Redesigned response capabilities deliver 78% faster resolution of reported messages through AI-powered campaign identification, simplifying incident response for organizations that outsource security operations.

An open platform that fits how security teams work

Security teams do not operate in a single vendor world. They work across multiple tools, data sources and workflows, yet too many security architectures still force teams into fragmented operations and manual response. Mimecast’s latest enhancements are built to fit the way security teams actually work: open, integrated, and centered on measurable user risk.

• Bring your own AI via the Mihra MCP Gateway: Organizations can now connect Mimecast investigation workflows directly into their existing AI platforms like Claude or Gemini, accelerating threat response through familiar environments without forcing teams onto another siloed interface.
• Expanded ecosystem intelligence across the human risk surface: The Human Risk Command Center now correlates signals across email, endpoint, identity, data, generative AI, and other third-party security tools, giving CISOs a unified view of organizational risk and enabling more coordinated action.
• Modernized API-based deployment: Mimecast’s full detection stack is now available through API-based deployment, with complete threat protection and no MX record changes required.

Protection across the platform

Mimecast is delivering measurable gains in detection and protection across its platform, with new capabilities designed to address the broad spectrum of AI-driven threats, from sensitive data leaking into unsanctioned AI tools to increasingly sophisticated, AI-generated attacks.

• Controls for shadow AI and sensitive data exposure: With Incydr Data Protection, organizations can better prevent sensitive data from reaching unsanctioned AI tools and help ensure that approved enterprise data is used only in compliant, authorized environments.
• Multi-Vector Threat Protection: Now enhanced for all Mimecast customers, Multi-Vector Threat Protection delivers 99.998% detection accuracy by correlating signals across multiple detection mechanisms to identify sophisticated, coordinated campaigns that isolated security engines miss, while simplifying policy management.
• Enhanced business email compromise protection: BEC protection now detects impersonation and social engineering attacks across 20 languages, with detection rates improving 5%+ quarterly as the system continuously learns from emerging attack patterns observed across Mimecast’s global threat intelligence network of more than 1.7 billion emails inspected per day.