Rubrik Deepens Identity Security & AI Governance Push
Rubrik has launched a significant integration with Microsoft Defender and introduced its Semantic AI Governance Engine (SAGE), marking an expansion in its focus on identity security and AI oversight.
Integration with Microsoft Defender
The integration connects Defender’s identity threat detection capabilities with Rubrik’s identity rollback and recovery tools. This collaboration is aimed at organizations facing identity-based attacks in hybrid environments. It allows joint customers to:
- Investigate incidents by matching threat alerts with identity changes.
- Reverse malicious modifications.
- Restore systems to a trusted state.
Rubrik emphasizes that while many security products can identify attacks, they often leave remediation to security teams. Citing research from Rubrik Zero Labs, it notes that 90% of IT and security leaders view identity-driven cyberattacks as their organization’s top concern. According to Anneka Gupta, Chief Product Officer at Rubrik, “Detection is only half of the battle.” She highlights the necessity for organizations to quickly reverse malicious identity changes and fully restore their infrastructure.
The integration aims to reduce recovery times from days to hours, allowing security and Identity Access Management (IAM) teams to transition from a detected compromise to a trusted state swiftly.
Identity Response Capabilities
Rubrik’s product utilizes immutable recovery points to restore identity states while maintaining visibility across Active Directory and Entra ID. Customers can reverse harmful identity changes without needing full domain restores. This launch builds on a broader initiative in identity resilience, which has seen Rubrik expand recovery options for Active Directory and Entra ID, and integrate with various identity providers, including Okta and CrowdStrike Falcon Identity Protection.
AI Governance with SAGE
The second announcement focuses on managing autonomous AI agents. Rubrik’s SAGE is designed to replace traditional rule-based governance with a system that interprets policies and triggers necessary actions. This governance engine utilizes a small language model to understand the context and meaning behind natural language policies, allowing for real-time application of rules without relying solely on keyword matching.
According to Devvret Rishi, General Manager of AI at Rubrik, SAGE signifies a pivotal moment in AI security. “With SAGE, we can move beyond simple monitoring to a future where AI helps us govern AI agents,” Rishi states. This shift enables organizations to manage the deployment of AI agents while maintaining security and integrity.
SAGE also features a capability called Agent Rewind, aimed at undoing destructive actions taken by AI agents and restoring data integrity. This feature addresses the challenge of managing AI systems that operate at high speeds and scales.
Benchmark Claims
In its announcement, Rubrik disclosed benchmark results for its custom small language model against OpenAI’s GPT-5.2. The results indicate that Rubrik’s model processes messages five times faster, detects violations with greater accuracy, and reduces computing overhead associated with real-time monitoring. This comparison supports Rubrik’s position on the benefits of using a smaller, domain-specific model for AI governance tasks.
Conclusion
Collectively, these launches illustrate Rubrik’s commitment to advancing beyond traditional backup and recovery solutions into operational security products tied to identity systems and AI controls. The integration with Microsoft Defender and the introduction of SAGE aim to enhance recovery capabilities and provide real-time oversight of autonomous agent behavior, ensuring that organizations can effectively manage both identity security and AI governance.
