Bedrock Data Expands ArgusAI to Govern the Enterprise AI Risk Surface
Bedrock Data, a platform provider for data-centric security, governance, and management, has announced a significant expansion of Bedrock Data ArgusAI. Initially launched to map AI systems to their data and validate guardrails, ArgusAI now governs what Bedrock Data defines as the enterprise AI risk surface. This surface encompasses the full exposure chain created across three core components:
- The AI agents enterprises are deploying.
- The Model Context Protocol (MCP) servers and connectors that facilitate their access to enterprise systems and data.
- The sensitive data these systems can retrieve, index, and act upon.
As part of this expansion, Bedrock Data will also release its own MCP server, providing enterprise AI workflows direct access to data risk context from the Bedrock Metadata Lake.
The Need for Enhanced Governance
AI introduces non-deterministic data access patterns that traditional security tools were not designed to govern. Organizations require a clearer view of how AI systems interact with enterprise data to effectively manage emerging risks. Gartner predicts that by 2028, 25% of enterprise breaches will be traced back to AI agent abuse, yet most security teams lack a systematic method to track what their agents can access and through which services.
According to Bedrock Data’s 2025 Enterprise Data Security Confidence Index, 60% of security teams have taken on AI governance responsibilities, while 53% still lack real-time visibility into their sensitive data assets. Without a clear map of the AI risk exposure chain, security teams cannot reliably limit the blast radius as AI adoption accelerates.
Understanding the AI Footprint
As enterprises operationalize AI, risk is defined by what these systems can access. ArgusAI provides teams with a complete map of the AI footprint, allowing them to govern the AI risk surface end-to-end and scale innovation without increasing exposure.
Traditional security and Data Security Posture Management (DSPM) tools were developed before AI agents began accessing enterprise data at scale. Although these tools can discover sensitive data, they were not designed to map the interrelations among agents, access paths, and permissions into a unified view of the AI risk surface.
Key Features of ArgusAI
Built on Bedrock’s Metadata Lake, ArgusAI maps agents, infrastructure, entitlements, and enterprise data into a unified exposure map. This enables organizations to understand and contain the risks created by enterprise AI systems. At the core of this capability is Bedrock’s Data Bill of Materials (DBOM), a continuously updated inventory of every data asset connected to an AI system. The DBOM includes:
- Data categorization
- Sensitivity classification
- Entitlement chain
- Regulatory context
- Data lineage
This provides the evidentiary foundation necessary to transform AI governance from assumptions into verifiable, auditable intelligence.
Governance through MCP Server Discovery
MCP is rapidly becoming a connective backbone between AI agents and enterprise data. As MCP adoption increases, so does the potential for unintended exposure through misconfigured roles and over-permissive access paths. ArgusAI MCP Server Discovery governs this access through three core capabilities:
- Automated MCP infrastructure discovery and exposure mapping, which identifies MCP endpoints across cloud environments and enriches the discovery with data sensitivity classification and entitlement analysis.
- Sensitive data exposure detection with prebuilt policies that correlate MCP infrastructure with underlying data permissions, revealing exposure paths that traditional cloud or identity reviews often miss.
- Continuous monitoring of infrastructure and permission drift to proactively manage the AI risk surface before exposure becomes an incident.
Real-World Application
In a notable case, a global retailer expanded its internal AI search assistant by indexing additional datasets, including customer analytics tables, to enhance results. Over time, the team found that it had no systematic way to track which datasets were being incorporated into AI retrieval services. During a posture review, ArgusAI’s DBOM revealed that a Snowflake Cortex-powered Search service had indexed customer loyalty tables containing Personally Identifiable Information (PII) that were never intended to be surfaced in AI responses. The DBOM provided the context needed to adjust the indexing scope swiftly, enabling the team to mitigate potential exposure without halting the AI initiative.
Embedding Governance into AI Workflows
As enterprises embed AI into workflows such as access reviews, incident response, and data operations, these systems increasingly make decisions affecting the enterprise AI risk surface. Without authoritative data risk context, AI-driven automation operates without full awareness of sensitive data location and permissions.
Bedrock Data’s MCP Server allows organizations to embed governance directly into AI-powered workflows, exposing the Bedrock Metadata Lake and data intelligence through a standard MCP interface. This enables enterprise AI workflows to access trusted data risk insights in real time, so that governance is part of the workflow rather than an afterthought.
Acknowledgment and Conclusion
The Bedrock Data platform has received industry accolades, including the CUBE Tech Innovation Award for the Most Innovative Data Protection Solution. ArgusAI has also been recognized for its innovative approach to AI-powered data protection.
Bedrock Data provides continuous, context-driven security and governance for enterprise data across various environments, including private cloud, IaaS, PaaS, SaaS, and AI. Its patented Metadata Lake and Serverless Outpost architecture autonomously discover, classify, and contextualize data in place without moving it outside customer boundaries, delivering operational data security for global leaders in various sectors.