Bonfy.AI, the pioneer in adaptive content security, announced today its emergence from stealth mode with its Bonfy Adaptive Content Security™ (Bonfy ACS™) unified platform. Founded by security industry veterans Gidi Cohen and Danny Kibel, Bonfy secured $9.5 million in 2024 in seed funding led by TLV Partners, with participation by Saban Capital Group, and is set to optimize how AI and human-generated content is monitored and protected, differentiating itself by using AI-powered business context and business logic to accurately prevent exposures such as oversharing, IP leakage, privacy violations, and non-compliant communications.
Customers use Bonfy’s proprietary AI-powered technology to analyze and manage content risks associated with AI tools such as ChatGPT and Microsoft 365 Copilot, documents, emails, and communications such as Slack, while eliminating the overwhelming volume of false positives and enormous blind spots (false negatives) associated with traditional data loss prevention (DLP) tools.
According to the Gartner 2025 Market Guide for Data Loss Prevention, Gartner emphasizes that today’s Data Loss Prevention (DLP) solutions must move beyond traditional content inspection to effectively address the complexities of modern data security. In fact, “70% of CISOs in larger enterprises will adopt a consolidated approach to address both insider risk and data exfiltration use cases.” This means understanding the full context of data interactions or data creation, generation, and sharing to ensure the safe use of AI technologies.
Bonfy meets these evolving demands head-on, offering a next-generation DLP alternative that delivers the contextual intelligence, behavioral analytics, and adaptive remediation capabilities identified by Gartner as essential. Designed for the detection and prevention of content risks at rest, in use, and in motion, Bonfy ACS is agnostic to any sort of human readable content or unstructured data, generation techniques, underlying models, and human edits, making it versatile for various applications, including SaaS (e.g., Microsoft 365 Copilot), Shadow AI, and custom applications.
Bonfy ACS is purpose built to keep AI-generated content safe and compliant, enabling organizations to build trust and confidence with their customers and team members. Acting as a guardian AI, Bonfy ACS enforces communication and sharing policies and mitigates risks related to cybersecurity, privacy, compliance, IP protection, and reputation in a faster, streamlined, and more accurate way than legacy data security and compliance technologies can handle by using business context, derived from information contained in CRMs, IAMs, and business applications, and business logic, derived from out-of-the box policies such as GDPR, PCI, HIPAA, CCPR, and user-defined polices,as inputs. It is an ideal solution for any organization implementing GenAI initiatives, especially regulated and security-conscious verticals such as healthcare, insurance, finance, legal, media, and technology.
Bonfy ACS leverages patent-pending, AI-enabled technology that uses business context and logic to accurately detect risks in any content or unstructured data without relying on error-prone pattern matching or generic classifiers.
Bonfy ACS supports various use cases, such as:
- Analyzing emails, including attachments, and other communications for confidential or sensitive data—such as trade secrets, intellectual property, employee login credentials or customer account information that could lead to a data leakage—before they are sent externally.
- Monitoring content output from Microsoft 365 Copilot and other GenAI and SaaS applications to ensure it meets data security policies.
- Providing the necessary data security controls to implement AI governance requirements to address risks such as bias, privacy infringement, and misuse.
Key Capabilities of Bonfy ACS:
- Detects and prevents content risks at rest, in motion, and in use.
- Supports various SaaS applications and communication platforms such as HubSpot, Google Mail, Microsoft 365, Salesforce, Slack, and SMTP.
- Uses auto-learning for business context creation and entity-aware analysis.
- Provides out-of-the-box policies for best practices and regulations.
- Integrates with incident response platforms and notification systems.
- Offers executive visibility through customizable dashboards.
- Delivery: SaaS; Flexible hosting options.
Learn more about Bonfy at bonfy.ai.
Bonfy Unveils First Data Security Platform for AI Agents, Shadow AI, and Enterprise GenAI Workflows
Posted in Commentary with tags Bonfy on March 19, 2026 by itnerdBonfy.AI today announced Bonfy Adaptive Content Security™ (Bonfy ACS) 2.0, the industry’s first platform built to secure enterprise content across all systems, applications, and AI agents – anywhere data moves, resides, or is processed. As organizations race to deploy copilots, custom AI apps, and increasingly autonomous AI agents, security leaders are struggling with blind spots around how these systems access, transform, and share sensitive data, gaps that legacy DLP and DSPM tools were never designed to handle. By 2028, Gartner projects that 22% of cyberattacks and data leaks will involve generative AI, and through 2029 over 50% of successful cybersecurity attacks against AI agents will exploit access‑control issues.
Bonfy delivers real-time, contextual protection across email, SaaS apps, collaboration tools, browsers, cloud and on‑prem file stores, AI systems, and agent frameworks, so enterprises can safely accelerate AI adoption without flying blind. With native coverage for Microsoft 365 (Exchange Online, SharePoint, Entra, Copilot and Purview), Google Workspace (Gmail, Google Drive, Google Directory), Salesforce, HubSpot, Slack, on‑premises file stores, AWS S3, and more, Bonfy becomes the unifying data security layer that follows content regardless of channel or AI workflow.
Built for agentic and autonomous AI
Bonfy ACS 2.0 is engineered specifically for system‑level and browser‑based AI agents that plan, reason, call tools, and execute actions across enterprise systems.
By treating agents as first‑class entities, not just extensions of users, Bonfy allows security teams to see which agents accessed which data, how they used it, and where the outputs ultimately landed. Bonfy ACS 2.0 fits cleanly into a customer’s existing security and productivity stack: it complements Microsoft Purview and M365 DLP, integrates with Microsoft Entra and Google Directory, and plugs into SIEM/SOAR tools such as Splunk, Sentinel, and Rapid7 for workflow automation, while also integrating via its MCP Server interface and APIs with modern AI platforms including Microsoft Copilot Studio, OpenAI, Anthropic Claude, Google Gemini, and other enterprise agent frameworks.
Bonfy is designed for executive level visibility and governance for CISOs, CIOs, and to be operated by security teams, security architects, and AI platform teams responsible for GenAI and agent deployments in financial services, insurance, technology, biotech/pharmaceutical, healthcare companies, and more. It provides one policy and automation engine that spans traditional data security, AI data governance, and AI agent guardrails, eliminating the need to stitch together separate point products for systems, and agents. The Bonfy platform can now be used both for projects where organizations consume AI and build AI.
Headline capabilities in Bonfy ACS 2.0
Bonfy ACS 2.0 introduces six major capabilities that together form a second-generation, high‑performance data security platform for the AI era.
Bonfy adds “data in use” security solution by adding an MCP server interface, API, and agent‑aware controls so enterprises can inspect and govern the content AI agents read, share, and generate during planning, reasoning, and execution, not just in the final output. Agents can call Bonfy inline to label and risk‑score content before it reaches external services or users, stopping AI‑driven leakage and trust‑boundary violations.
A lightweight browser extension delivers real‑time, content‑aware inspection of web traffic, including unsanctioned AI tools and browser‑based assistants. Bonfy separates safe AI use from risky disclosure, detects shadow AI automations, and shows security teams exactly where sensitive data is going.
Bonfy 2.0 adds native support for Gmail, Google Drive, and Google Directory, achieving parity with Microsoft 365 integrations and extending multi‑channel protection across both ecosystems. Organizations running on Google now get unified, entity‑aware controls including contextual, automated classification labeling.
A new “data surface visibility” view gives CISOs a live map of where sensitive content lives across data stores such as Microsoft SharePoint, Google Drive, AWS S3 buckets, On-prem file stores and AI systems, and how employees and agents use it. Teams can drill from high‑level exposure down to specific actors and flows to understand real business risk, not just isolated events.
Bonfy now covers on‑premises file stores and cloud object storage such as AWS S3, alongside existing SharePoint, Google Drive and other SaaS applications. This creates a unified control plane for unstructured data at rest, in motion, and in use.
Bonfy 2.0 tightens data minimization, encryption, and configurable retention so the platform itself has a smaller, better‑protected footprint. Completing SOC 2 Type 2 certification as part of the release reinforces Bonfy’s readiness for highly regulated industries.
Availability and RSAC 2026
Bonfy ACS 2.0 is available immediately. RSAC 2026 attendees can schedule a live demo by contacting Vishnu Varma.
Leave a comment »