As enterprises push deeper into AI and cloud environments, the security conversation is rapidly shifting toward data itself. This week, Commvault announced a major expansion of its data and AI security capabilities within Commvault Cloud, extending visibility and governance into structured databases—including vector databases increasingly used in AI applications.

The new capabilities, enabled by Commvault’s recent acquisition of Satori, aim to close a growing gap in enterprise security: controlling how sensitive data is accessed and exposed across modern data environments.

Security Moves Closer to the Data Layer

Commvault has traditionally been known for backup and cyber resilience. But as AI models and analytics platforms consume more enterprise data, the company is positioning Commvault Cloud as a broader data security platform.

The update extends the platform’s existing Data Security Posture Management (DSPM) functionality—previously focused on unstructured data—into structured environments such as databases and cloud data warehouses.

That expansion matters because structured systems now hold some of the most critical assets feeding AI pipelines, including customer records, operational metrics, and regulated information.

Commvault’s approach unifies discovery, classification, risk analysis, and access governance across:

• Structured data

• Semi-structured data

• Unstructured data

All of it spans hybrid and multi-cloud environments, reflecting how most enterprises actually manage data today.

AI Changes the Risk Equation

One reason Commvault is pushing deeper into data governance: AI itself is becoming a new attack and exposure vector.

Vector databases—which store embeddings used by AI models—can inadvertently surface sensitive information if not properly governed. Legacy security tools weren’t designed with these systems in mind.

By adding real-time access governance for structured databases and vector data stores, Commvault aims to reduce the risk of data leakage, including exposure through generative AI applications.

The platform’s new capabilities include:

• AI-driven discovery and classification of sensitive data

• Identification of environments with high-risk data exposure

• Monitoring and control of structured data access in real time

• Integration with cyber resilience and recovery workflows

The end goal is to help organizations reduce risk before incidents occur—and recover more effectively if they do.

Why the Satori Deal Matters

Commvault’s acquisition of Satori earlier this year appears to be central to the strategy.

Satori specialized in data access governance and real-time controls, technologies that complement Commvault’s strengths in backup, cyber recovery, and resilience.

The result is a platform that doesn’t just store and protect data copies—it also manages how live data is accessed, used, and potentially exposed.

That convergence is becoming increasingly important as CISOs look for unified security approaches rather than fragmented tooling.

The Growing Focus on AI Data Governance

Industry analysts have been warning that AI adoption is moving faster than security frameworks designed to govern it.

According to research cited by Commvault, a large percentage of organizations have sensitive data that could be surfaced by AI systems, while a significant share of breaches still involve personally identifiable information.

Analysts say this shift is forcing security leaders to rethink their approach. Tools that combine DSPM with cyber resilience could help organizations better manage AI-driven risk across expanding data ecosystems.

Availability and What’s Next

Some of the new capabilities are already available.

Real-time data access governance for structured environments can be accessed today through single sign-on within Commvault Cloud and is offered as an add-on across platform tiers.

Meanwhile, expanded structured data discovery and classification features are expected to reach general availability in late summer 2026.

Commvault plans to showcase the updates at the RSA Conference 2026 in San Francisco, where the company will highlight its broader push toward unified resilience across data security, identity protection, and cyber recovery.

The Bottom Line

Commvault’s latest update reflects a broader shift in enterprise security: protecting data wherever it lives—and however it’s used by AI.

As organizations deploy more AI-driven systems and vector databases, governance at the data layer is becoming non-negotiable. By extending DSPM and access controls into structured and AI data environments, Commvault is positioning itself at the intersection of cyber resilience and AI security.

That’s a strategic move in a market where the next generation of breaches may be driven less by infrastructure vulnerabilities—and more by exposed data fueling AI.

Get in touch with our MarTech Experts.