Rubrik has announced two new product developments at RSAC 2026: an integration with Microsoft Defender aimed at speeding identity-attack recovery, and a new AI governance capability it calls the Semantic AI Governance Engine (SAGE).
The Microsoft integration is designed to connect Microsoft Defender’s identity threat detection with Rubrik’s identity rollback and recovery tools, targeting a common operational gap between detecting identity compromise and restoring a trusted identity state. Rubrik said the integration allows organisations to extend Defender detections into Rubrik’s identity recovery workflows across hybrid identity environments, including Active Directory and Entra ID.
Rubrik cited its Zero Labs research claiming 90 per cent of IT and security leaders view identity-driven attacks as their top concern. The company said many organisations still rely on manual investigation and recovery processes after identity-related incidents.
Rubrik said joint customers will be able to correlate threat alerts with identity changes, reverse malicious identity modifications without full domain restores, restore identity states using immutable recovery points, and maintain visibility across hybrid environments.
In a separate announcement, Rubrik unveiled SAGE, which it described as an AI governance engine intended to secure and control autonomous AI agents in real time. Rubrik said SAGE uses a domain-specific small language model to interpret the meaning of policies written in natural language, with the goal of enforcing guardrails beyond keyword-based approaches.
Rubrik said SAGE includes capabilities such as semantic policy interpretation, adaptive policy improvement that flags ambiguous guardrails, and integrated remediation to undo destructive agent actions via what it calls “Rubrik Agent Rewind”.
As part of its claims around performance, Rubrik said it benchmarked its custom model against OpenAI’s GPT-5.2 using a standardised set of user-agent interactions, reporting faster processing and improved policy-violation detection. The company did not disclose the benchmark methodology, dataset details, or whether results were independently validated.
Rubrik included a “safe harbor” statement noting that some referenced services or features are not currently available and may not become generally available.
