Cyberhaven

One-liner — An endpoint-based, AI-powered data-loss-prevention / “data detection and response” (DDR) platform that tracks the lineage of data — where it came from, how it moved, and where it’s going — so it can stop sensitive data (including data pasted into ChatGPT and other shadow-AI tools) from leaking.

Categoriesdlp (primary), ai-access-governance

What it does

Cyberhaven is a data-security platform built around data lineage: rather than matching content against regex/pattern rules the way classic DLP does, its endpoint agent records the full chain of custody for data — the document it was copied from, the app it passed through, the user, and the destination. That history lets it classify derived and pasted content by the sensitivity of its source, and apply policy accordingly. Cyberhaven brands the approach Data Detection and Response (DDR), explicitly analogizing it to how EDR transformed endpoint security: behavioral analysis applied to data flows instead of signatures.

The platform bundles three jobs that are usually sold separately: DLP, insider risk management (IRM), and DSPM (data security posture). The differentiating AI layer is Linea AI and its Large Lineage Model (LLiM) — a foundation model trained to predict the next likely action in a corporate data workflow (the way an LLM predicts the next word), used to surface anomalous/risky data movement.

A large part of its current pitch is shadow AI / GenAI data protection: showing which AI tools employees use, what data is going into them, and blocking risky flows. The canonical example: an employee copies text from a sensitive file and pastes it into ChatGPT; the endpoint agent sees both the source (and its sensitivity) and the destination, and enforces policy on the paste. A newer Agentic AI Security offering extends this to autonomous AI agents and MCP servers running on endpoints — visibility into which agents run, what data they touch, and what actions they take.

Where it sits in the stack

Primary home is the dlp category in the data layer, with a strong secondary footprint in ai-access-governance (CASB-for-AI / shadow-AI). It controls sensitive data and its outbound movement: it watches sensitive data at the endpoint and blocks/controls its exfiltration to untrusted destinations (including AI tools). It does not address untrusted-input/prompt-injection — that is the job of ai-runtime-security. Trust-zone relevance: it instruments the endpoint (the boundary between green/internal and red/external), making it a data-egress control point rather than a model-traffic inspector.

Deployment & architecture

  • Endpoint agent + SaaS console. The core sensor is a lightweight endpoint agent (Windows/macOS) that observes file, clipboard, browser, and app events locally; analytics and policy live in the Cyberhaven SaaS backend. This is endpoint DLP, contrasted by the vendor with network/proxy DLP — there is no inline TLS proxy required.
  • Browser/SaaS coverage for web apps and AI tools (e.g. detecting paste into ChatGPT/Claude/Gemini), plus cloud-data coverage for DSPM.
  • Integrations — typical DLP/IRM ecosystem: SIEM/SOC for alerting, IdP for user context, and AI-tool/endpoint telemetry. (Specific connector list not fully verified — see open questions.)

Positioning & differentiators

  • Lineage vs. pattern-matching. The core claim that sets it apart from legacy content-inspection DLP (nightfall-ai, Microsoft Purview DLP, Netskope DLP): it tracks data provenance across transformations, so it catches sensitive data even after it’s been copied, renamed, or reformatted, and reduces false positives.
  • DDR framing + LLiM. “Data detection and response” and a purpose-built lineage foundation model are its marketing wedge against both classic DLP and newer AI-era DLP entrants (mind, prompt-security, lasso-security).
  • Shadow-AI overlap. On the ai-access-governance side it competes with witnessai, harmonic-security, Nudge, Aurascape and others — but Cyberhaven comes at shadow-AI from the endpoint/data direction (what data left the device) rather than the network/proxy direction.

Ownership, funding & M&A

  • Independent, venture-backed. No acquisition (the seed carried no M&A flag; confirmed none found).
  • Series D: $100M, announced 2025-04-02, led by StepStone Group (Nasdaq: STEP), with new investors Schroders and Industry Ventures. Brought total funding to ~$250M and a $1B valuation (a roughly 7x jump in a year). Source: Cyberhaven press release (primary). ownership_confidence: high.
  • Company stated it plans to expand via both M&A and organic innovation — i.e. a potential acquirer, not a target, as of mid-2025.

Soft note (leadership): the April 2025 press release attributes the CEO quote to Howard Ting; some third-party company profiles list Nishant Doshi as current CEO. Possible leadership transition; unverified. Non-blocking.

CTO / hedge-fund lens

  • Day-1 if you are letting staff use external AI tools. For a fund whose crown jewels are research, positions, and MNPI, controlling what gets pasted into ChatGPT/Claude is a real Day-1 data-egress problem, and endpoint DLP is a credible control. Cyberhaven’s lineage angle is attractive where classic DLP drowns teams in false positives.
  • Caveat — agent footprint. It requires an endpoint agent on every managed device; small funds with heavy BYOD or contractor populations get partial coverage. It is also a fuller-weight platform purchase than a narrow AI-paste blocker.
  • Overlap with what you may already own. Many shops already run Microsoft Purview or a Netskope/Zscaler SSE with DLP; Cyberhaven is a rip-and-replace/augment decision, not additive-by-default.
  • Model-risk / SR 11-7: not a model-governance tool; relevance is data-leakage and insider-risk controls that support an AI acceptable-use policy, not model validation.
  • Fit: medium — strong for mid/large regulated shops worried about sensitive-data egress into AI; heavier than a small fund may want as a first control.

Competitors / alternatives

Open questions / to verify

  • Current CEO (Howard Ting vs. Nishant Doshi) — confirm and date any transition.
  • Exact integration/connector list (SIEM, IdP, AI gateways, MCP) and OS support beyond Windows/macOS.
  • Whether the Agentic AI Security / MCP-server-visibility product is GA or early access, and its pricing relationship to the core platform.
  • Any funding/ownership change after 2025-04.

Sources

History

  • [2026-06-28] Stub created from seed registry.
  • [2026-06-28] Researched; established founded 2016 (Lausanne, now Palo Alto HQ), founders, independent venture-backed status, $100M Series D (2025-04-02, StepStone, $1B valuation, ~$250M total) raised ownership_confidence to high; documented data-lineage/DDR/LLiM, endpoint-agent DLP, and shadow-AI / Agentic-AI positioning. Set status: researched, confidence: medium, 4 sources cached. Noted soft CEO-name discrepancy (Howard Ting vs. Nishant Doshi).