Cloud-based software company Salesforce has expanded its Agentforce capabilities to help organizations proactively address cyber threats and automate compliance processes within its Security Center and Privacy Center.
The new features aim to support security and compliance teams that are increasingly burdened by complex threats and regulations. Salesforce cited studies showing that nearly half of security leaders spend more time managing tools than mitigating threats, while 90% of compliance executives say their responsibilities have grown in recent years.
“We built Agentforce security and compliance capabilities to reduce the most painstaking, tedious responsibilities of security and risk professionals,” said Marla Hay, SVP of Product Management at Salesforce. “Within the Security Center and Privacy Center, security and compliance with Agentforce enables our users to focus on higher-value tasks while mitigating risks to their Salesforce data.”
Built natively on the Salesforce Platform, Agentforce now integrates with the company’s security and privacy tools to automate investigations, identify risks, and ensure compliance with regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Security Center with Agentforce
Agentforce enhances security operations by monitoring activity, detecting anomalies, and guiding remediation efforts. Key features include:
- Fast, in-depth security investigations: Agentforce summarizes user activity from event logs, including login details and unusual actions.
- Guided security remediation: In the event of an incident, Agentforce prioritizes actions to resolve issues quickly and prevent future threats. It can also act automatically, such as freezing a user showing suspicious behavior.
- Threat detection and monitoring: Users can ask Agentforce questions in natural language, such as “Are there any issues I need to be aware of?” The agent then flags irregularities and triages incidents.
- Extended security through partners: Partnerships with CrowdStrike and Okta will bring external insights and cross-platform integrations via AgentExchange.
Privacy Center with Agentforce
Agentforce also automates compliance workflows, interpreting regulatory contexts to identify and reduce data exposure. Features include:
- Proactive risk detection: Scans Salesforce tenant metadata and privacy policies to detect exposure and non-compliance risks.
- Prioritizing regulatory issues: Ranks privacy risks by severity, helping teams focus on the most critical concerns.
- Accelerated compliance remediation: Suggests data management policies, such as Right-to-be-Forgotten requests, and supports customized frameworks for different regulations.
Use cases
CMC Energy uses Agentforce in Security Center to strengthen its data protection strategy.
“As CIO, safeguarding our clients’ data is my top priority. My team now has an intelligent agent to accelerate risk detection by allowing rapid, natural-language queries to quickly identify, assess, and respond to threats. This speed and precision not only improves our security posture but also instills greater confidence with our clients that their data is safe,” said Paul Mackay, CIO of CMC Energy.
Professional services firm Cervello uses Agentforce in Privacy Center to automate compliance planning and identify regulatory gaps.
“We are seeing that integrating Agentforce is transformative for our customers. It turns what used to be weeks of manual compliance planning and coordination into a guided, automated workflow that identifies issues and drafts remediation plans in minutes. This helps our customers move faster toward a compliant org and spend more time on strategy, not administration,” said Ralph Bruno, senior director of Cervello–Kearney Activate.