Salesforce has announced new capabilities for Agentforce, its digital workforce solution, aimed at transforming how organisations manage cybersecurity threats and compliance challenges. The enhancements, now available in Salesforce’s Security Center and Privacy Center, are designed to help businesses respond faster to risks, automate complex regulatory tasks, and reduce the operational burden on security and compliance teams.
Security teams today face mounting pressure as cyber threats grow more complex and compliance demands intensify. Nearly half of security leaders report spending more time configuring and troubleshooting tools than actively mitigating risks, while 90% of compliance executives say their responsibilities have increased in the past three years. This has created an unsustainable cycle of reactive firefighting that leaves organisations vulnerable.
Agentforce addresses these challenges by acting as an intelligent assistant within Salesforce’s ecosystem, strengthening security posture and streamlining compliance processes. Built natively on the Salesforce Platform, the enhanced Agentforce continuously analyses user activity, security configurations, and data governance policies to deliver actionable insights and reduce exposure.
Within Security Center, Agentforce can now be deployed directly from a pre-built template to proactively detect, triage, and manage threats. It analyses event logs to quickly summarise user activity, identify anomalies, and flag suspicious behaviour. In the event of an incident, the agent guides teams through remediation steps, prioritising the most critical actions and even taking automated measures, such as freezing accounts exhibiting atypical behaviour.
Agentforce also enables natural-language queries like “Are there any issues I need to be aware of?”, helping teams surface relevant insights instantly. By proactively flagging irregularities, correlating related anomalies, and triaging incidents for review, it reduces the time spent on manual investigations. Integrations with partners such as CrowdStrike and Okta extend these capabilities further, bringing external threat intelligence into Security Center and enabling cross-platform AI workflows via AgentExchange.
Automating compliance in Privacy Center
The enhanced Agentforce also plays a crucial role in simplifying regulatory compliance within Salesforce’s Privacy Center. By leveraging pre-built frameworks for laws such as GDPR and CCPA, it can autonomously scan metadata, data privacy policies, and system configurations to detect personal data exposure and non-compliance risks before they become issues.
Agentforce prioritises risks based on regulatory and business context, pinpointing where sensitive personal data resides and offering precise recommendations. It can automatically classify sensitive data, implement policies such as the Right-to-be-Forgotten, and support custom data management policies for more complex use cases. These capabilities significantly reduce the time and effort required to stay compliant with evolving data protection laws.
“We built Agentforce security and compliance capabilities to reduce the most painstaking, tedious responsibilities of security and risk professionals,” said Marla Hay, Salesforce SVP of Product Management. “Within Security Center and Privacy Center, security and compliance with Agentforce enables our users to focus on higher-value tasks while mitigating risks to their Salesforce data.”
Real-world impact for businesses
Early adopters such as CMC Energy and Cervello are already seeing transformative results from Agentforce’s new capabilities. CMC Energy uses Agentforce within Security Center to shift from reactive defence to proactive risk management, surfacing critical data and context through rapid natural-language queries.
“As CIO, safeguarding our clients’ data is my top priority. My team now has an intelligent agent to accelerate risk detection by allowing rapid, natural-language queries to quickly identify, assess, and respond to threats. This speed and precision not only improves our security posture but also instills greater confidence with our clients that their data is safe,” said Paul Mackay, Chief Information Officer, CMC Energy.
Cervello, a professional services firm, is leveraging Agentforce in Privacy Center to simplify compliance operations. “We are seeing that integrating Agentforce is transformative for our customers. It turns what used to be weeks of manual compliance planning and coordination into a guided, automated workflow that identifies issues and drafts remediation plans in minutes. This helps our customers move faster toward a compliant org and spend more time on strategy, not administration,” said Ralph Bruno, Senior Director, Cervello – Kearney Activate.
Availability and future roadmap
Agentforce is now available in both Security Center and Privacy Center. Additional features, including autonomous threat detection and triaging, Slack integration for security alerts, and support for custom data compliance policies, will roll out in Spring 2026. CrowdStrike integration for Security Center will also be available later this year through AgentExchange and the Slack Marketplace.
Salesforce continues to position Agentforce as a core component of its AI-driven platform strategy. Integrated with Customer 360 applications, Data Cloud, and Einstein AI, Agentforce enables businesses to combine human expertise with intelligent automation to deliver greater security, compliance, and customer success on a single trusted platform.
