Forcepoint brings its “Self-Aware Data Security” platform to databases and data lakes: AI-powered DSPM for structured and unstructured data in a single console

Forcepoint announced the expansion of its Self-Aware Data Security platform to cover structured data in enterprise databases and data lakes, in addition to the unstructured data (files, emails, SaaS) where it was already operational. With this move, the company ensures it offers a single product capable of providing Data Security Posture Management (DSPM) and adaptive data loss prevention (DLP) that work coherently in hybrid and multi-cloud environments.

The key technical innovation is AI Mesh Data Classification, Forcepoint’s native AI classification engine, now extended to Microsoft SQL Server, Oracle, MySQL, and platforms like Snowflake and Databricks. The goal: discover, classify, and remediate risks in real-time within a single policy framework that covers SaaS, email, web, network, endpoints, clouds, and AI flows.

“Too many DSPMs stay at the reporting stage; they make databases invisible to teams,” said Naveen Palavalli, Chief Product & Marketing Officer at Forcepoint. “We provide consistent visibility, access, and control over both structured and unstructured data, closing ‘dark data’ and ‘shadow AI’ gaps with security that adapts as risks evolve.”

What does this expansion bring (on a single page)

• Discovery and classification of structured data
  Covers SQL Server, Oracle, MySQL, and data lakes like Snowflake and Databricks, aligning risk management of structured and unstructured data under the same framework.
• Scale-up execution and remediation (not just visibility)
  Enables permission adjustments, prevention of over-sharing, moving sensitive files to secure repositories, and cleaning ROT (redundant, outdated, trivial), orchestrated through a single policy that applies across SaaS, email, web, network, endpoints, clouds, and AI flows.
• Enterprise-ready compliance
  AI Mesh emphasizes precise, customizable, and explainable classification over generic LLMs. Nearly 2,000 policy templates, automated reporting, and auditable AI logic facilitate compliance with complex frameworks and reduce false positives.
• Executive visibility and prioritization
  Dashboards display exposures of regulated data and provide a financial impact estimate (cost of breach or non-compliance), guiding investments and access governance based on business criteria.
• Self-aware security
  Combines discovery → classification → prioritization → remediation → protection in a continuous loop, with real-time coaching for users, access adjustments, or blocking exfiltration according to context, posture, and intent.

Why it matters: the blind spot of structured data

The adoption of SaaS, cloud, and AI has accelerated the protection of files and apps; however, databases and data lakes remain the Achilles’ heel for many organizations: they house PII, financial assets, IP, and critical operational data, yet often lack the visibility, classification, and policy enforcement that are standard in email or office suites.

Enforcing coherence between structured and unstructured data reduces:

• Compliance gaps (dispersed personal/financial data).
• Operational risk due to excessive access and accidental sharing.
• Cost of maintaining fragmented tools that don’t integrate with each other.

Use cases (and practical changes)

• Regulated data inventory: locate PII, PCI, health data, secrets, or designs in Snowflake and SQL with the same granularity as in SaaS and files.
• Access governance: detect over-permissions and dangerous inheritances (e.g., roles with mass read access), revoke or adjust from the same policy.
• Shadow AI / controls in AI flows: apply safeguards when agents or models try to access sensitive datasets or export results with protected data.
• Information hygiene: periodic campaigns for ROT cleansing and relocation of sensitive data to repositories with reinforced controls.
• Auditing and reporting: preconfigured templates, explainable AI, and traceability that streamline audit cycles and compliance processes.

How it fits into the “Self-Aware Data Security” strategy

Forcepoint defines its self-aware approach as an adaptive loop that does not separate discovery from action. The platform continuously monitors context, posture, and intent, learns, and acts: it can train users in the moment (e.g., “don’t send this outside the organization”), change permissions, or block an action based on risk.

The AI Mesh engine is responsible for classification with explainable accuracy (versus “black boxes”), customizable by sector and geography, and consistent across rest, use, and movement of data.

Quick comparison: traditional DSPM vs. Forcepoint DSPM

Impact on security, compliance, and costs

• Security: reduces exposure from over-permissioning and exfiltration from BI/ETL/LLMs.
• Compliance: shorter audit cycles and improved evidence (explainability), fewer false positives.
• Cost: consolidates tools and automates discovery/remediation tasks; prioritizes based on estimated financial impact.

Availability and events

The expansion was announced during Forcepoint AWARE 2025 (October 7–8), a virtual summit on data security and AI featuring live and on-demand content. The company maintains dedicated product pages and data risk assessment resources with more technical details.

In summary

Forcepoint extends its Self-Aware Data Security platform to databases and data lakes with a native AI DSPM that unifies visibility and control over structured and unstructured data. The approach: one policy, one console, and explainable AI to discover, classify, and protect data wherever it resides, automating remediation and shortening the gap between seeing the risk and closing it. For organizations advancing in SaaS, cloud, and AI, this is a pragmatic step toward controlling “shadow data/AI”, simplifying compliance, and reducing risks without hindering innovation.

via: forcepoint