Varonis Introduces AI Identity Protection for Salesforce Agentforce

Discover how Varonis AI Identity Protection secures Salesforce data from over-permissioned AI agents, enabling safe deployment and innovation.
Last updated October 14, 2025

Today, we’re excited to announce AI Identity Protection for Salesforce Agentforce.

From automating workflows to analyzing data to driving decisions, Agentforce AI agents are changing how organizations use Salesforce. These powerful new capabilities also come with new risks, potentially making an organization's most valuable asset — their Salesforce data — more vulnerable.

Varonis AI Identity Protection for Agentforce provides IT and security teams with full visibility and control over the data AI agents can access and the actions they can take.

AI identity protection for Agentforce

Most users today are over-permissioned, and their privileges accumulate, constantly increasing the risk of sensitive data exposure. Over-permissioned users lead to over-permissioned AI agents, but unlike human users, AI agents don’t let excessive access go unused. AI agents process and analyze every piece of data they can access. When an AI agent is over-permissioned, sensitive data exposure is a virtual certainty.

To prevent overexposure, organizations need complete visibility into the data AI agents can access and how they access it. However, AI agents don’t just access and edit data; they can also take actions like emailing customers or prospects, granting return requests, granting system permissions to other users and agents, and much more.

Organizations must have full visibility and control over the data AI agents can access and edit and over the actions AI agents can take within Salesforce and other enterprise systems. That’s why identity protection for AI agents is essential for organizations embracing Agentforce.

With Varonis AI Identity Protection for Agentforce, organizations can:

    • Inventory every AI agent: Automatically discover and catalog Agentforce agents, including their topics, actions, and deployment status
    • Unify visibility into data sensitivity, permissions, and activity: Get a unified view into what data is sensitive, which agents can access sensitive data, and what actions have been taken on that data
    • Automatically enforce least privilege and least agency: Varonis analyzes prompts for sensitive data exposure and policy violations and automatically right-sizes access, ensuring that agents only act within their intended scope

Least agency in the age of AI

The principle of least privilege is well-known in security: Users should only have access to the data they need. When it comes to AI agents, least privilege alone isn’t enough.

Since AI agents access data and perform actions within Salesforce and other enterprise systems, organizations must also implement the principle of “least agency.”

Every agent must only be able to take the actions needed to perform its intended tasks. For example, you don’t want a reporting agent exporting sensitive customer lists, or a support agent outputting confidential information. You also may want to have policies in place for which decisions a support agent can make independently, and which decisions should require explicit human approval. For example, a support agent may be authorized to update a delivery address and issue refunds under $25 on its own, but should require explicit approvals for more significant order changes and larger refund amounts.
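
The boundaries in the example above, written as a default-deny gate that is checked before an agent action runs. This is an added illustration, not Varonis or Salesforce code; the agent names, action names and policy structure are hypothetical.

```python
from enum import Enum

class Decision(Enum):
    ALLOW = "allow"
    NEEDS_APPROVAL = "needs_human_approval"
    DENY = "deny"

# Constructed policy: names are hypothetical, not Agentforce identifiers.
# Each granted action maps to (mode, limit):
#   "auto"       - agent may act on its own
#   "auto_under" - agent may act alone only when amount < limit
#   "approval"   - a human must always sign off
POLICY = {
    "support_agent": {
        "update_delivery_address": ("auto", None),
        "issue_refund": ("auto_under", 25.00),
        "change_order": ("approval", None),
    },
    "reporting_agent": {
        "run_report": ("auto", None),  # no export action is granted at all
    },
}

def decide(agent, action, amount=None, approved_by=None):
    """Return the Decision for one requested agent action."""
    spec = POLICY.get(agent, {}).get(action)
    if spec is None:
        return Decision.DENY  # unknown agent, or action outside its scope
    mode, limit = spec
    if mode == "auto":
        return Decision.ALLOW
    if mode == "auto_under":
        # Missing, non-numeric, negative or NaN amounts are rejected, not guessed.
        numeric = isinstance(amount, (int, float)) and not isinstance(amount, bool)
        if not numeric or not 0 <= amount:
            return Decision.DENY
        if amount < limit:
            return Decision.ALLOW
    # Over the limit, or an approval-only action: needs a named approver.
    return Decision.ALLOW if approved_by else Decision.NEEDS_APPROVAL

def evaluate(requests):
    """Run decide() over request dicts; return (agent, action, decision) rows."""
    return [(r["agent"], r["action"], decide(**r).value) for r in requests]
```

A refund of exactly $25 is escalated because the stated limit is "under $25", and every `deny` or `needs_human_approval` row from `evaluate` is worth logging as a signal that an agent attempted to act outside its intended scope.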

When describing their framework for agentic AI guardrails for information security, Forrester states:

AI agents within agentic architectures must receive the minimum set of permissions, capabilities, tools, and decision-making to complete specific tasks bound by time and scope of approval. Least privilege focused on access; least agency places boundaries on decisions and actions.

Forrester


Least agency cannot be achieved with manual access controls, since AI agents are too dynamic and their permissions can grow very fast, compounding their risk. To implement least agency, you need continuous, automated enforcement that not only monitors but also prevents agents from taking actions outside of their intended scope.

Least agency is built into Varonis AI Identity Protection for Agentforce, allowing organizations to right-size what agents can do, prevent privilege misuse before it happens, and keep their Salesforce data safe no matter how fast their environment evolves.

Ready to try Varonis AI Identity Protection for Agentforce?

AI agents demand a new approach to identity security. Varonis AI Identity Protection for Agentforce gives you the visibility and control to safely deploy and operate AI agents, accelerate innovation, and keep your Salesforce data secure.

Start with a free Varonis Data Risk Assessment for Salesforce so you can optimize and maintain your security posture and enforce least agency from day one.
