Salesforce is expanding AgentForce with specialized AI agents for cybersecurity and compliance issues. The new features are designed to help organizations automate security incidents and comply with regulations such as GDPR. Nearly half of the security experts spend more time on tools than on actually combating threats.
Security and compliance teams are under enormous pressure. Research shows that nearly half of security professionals spend more time configuring tools than actively combating cyber threats. At the same time, 90 percent of compliance executives say their responsibilities have increased over the past three years.
Salesforce is now presenting a solution via Agentforce, the AI agent platform that has been available since the end of last year. The new security and privacy functionalities, integrated into Security Center and Privacy Center, are designed to automatically block cyber threats and potential compliance deviations.
Agentforce in Security Center
Within Security Center, customers can now directly deploy AI agents for proactive threat detection. The agents analyze user activity from event logs and provide summaries of what users are viewing and whether any unauthorized actions have been performed.
In the event of incidents, Agentforce guides users and security professionals through the process of resolving issues step by step. The AI can even take independent action, such as freezing accounts with suspicious behavior. Teams can also receive and respond to security alerts via Slack.
Through partnerships with CrowdStrike and Okta, Salesforce offers comprehensive security integrations. These integrations enable the combination of external security data and analyses with Agentforce’s AI expertise.
Compliance automation with Privacy Center
For privacy and compliance, Salesforce is introducing AI agents that autonomously scan Salesforce metadata against known regulations such as GDPR and CCPA. The agents automatically detect exposure of personal data and potential compliance risks.
According to the company, the AI agents can prioritize compliance issues based on their severity. They take into account the business context and the location of sensitive data within systems.
In the event of compliance policy violations, Agentforce automatically proposes remedial actions. These can range from reclassifying sensitive data to implementing the “right to be forgotten.”
Results among early adopters
CMC Energy uses Security Center with Agentforce for proactive threat detection. “My team now has an intelligent agent to accelerate risk detection by allowing rapid, natural-language queries to quickly identify, assess, and respond to threats,” says CIO Paul Mackay.
Professional services company Cervello uses Agentforce in Privacy Center to identify compliance issues. “It turns what used to be weeks of manual compliance planning and coordination into a guided, automated workflow that identifies issues and drafts remediation plans in minutes,” says Senior Director Ralph Bruno.
The new security and compliance features are available to existing Agentforce customers and will be rolled out in phases starting in October 2025.