Commvault has announced enhancements to Commvault Cloud that extend data discovery, classification and real‑time access governance into structured data environments, including vector databases commonly used with AI applications.
The additions, enabled by Commvault’s acquisition of Satori, aim to bring the vendor’s data security posture management (DSPM) capabilities for unstructured data into relational and cloud‑native database contexts.
The update introduces AI‑enabled classification to identify sensitive records across enterprise systems, and a data access governance layer that monitors and controls structured data access in real time.
Commvault says the combined capability surfaces exposure and policy violations, consolidates risk insights and helps teams prioritise remediation by impact.
The vendor positions the integration with cyber resilience workflows as a way to reduce data risk before incidents and to improve recovery effectiveness after breaches.
“As organizations expand into cloud and AI‑driven environments, sensitive data is increasingly distributed across structured and unstructured systems,” said Yoav Cohen, vice president of product management at Commvault and co‑founder of Satori.
“Without clear visibility and real‑time access controls, that data can become overexposed and difficult to manage. By extending discovery and governance into structured data environments, we are helping organizations reduce unnecessary exposure and strengthen resilience across both live and backup data.” Yoav Cohen
The announcement addresses risks CISOs must manage as AI projects scale. Commvault cites industry findings that a high proportion of organisations expose sensitive data that could be surfaced by AI, and that breaches continue to involve customer and employee personally identifiable information.
Real‑time governance over structured stores — including vector stores used for model training and retrieval — is intended to reduce the chance that sensitive data propagates into model outputs or third‑party AI services.
Availability details state that data access governance for real‑time control of structured data is available now via single sign‑on from Commvault Cloud and as an add‑on to existing packages. Broader structured data discovery and classification capabilities are scheduled for general availability in late summer 2026; pricing will be announced nearer that date.
Analysts quoted in the release note the strategic importance of converging DSPM with resilience. Jennifer Glenn, Research Director, Data and Information Security at IDC, said the unification equips security and IT leaders to manage AI‑driven risk across expanding AI footprints.
For security teams, the practical implications include integrating governance signals into SIEM/SOAR workflows, ensuring vector databases are included in discovery and classification scans, and aligning policy enforcement with backup and recovery processes so that both production and archived datasets are subject to the same controls.
