Varonis Acquires AllTrue to Strengthen AI Security Capabilities
AI is growing almost everywhere, and with that in mind, a company has something true to share.
Varonis has announced its acquisition of AllTrue.ai, an AI trust, risk, and security management (AI TRiSM) company, in a move aimed at helping enterprises manage and secure the growing use of AI across their organizations. The deal underscores a broader industry shift as security vendors race to address the risks introduced by large language models, copilots, and autonomous AI agents operating at scale.
The acquisition strengthens Varonis’ ability to help organizations adopt safe, compliant, and trustworthy AI by extending its data-centric security model directly into AI systems themselves. Financial terms of the deal were not disclosed by Varonis, although some reports put it at $150 million.
Expanding security from data to AI systems
Varonis is best known for its focus on data security, with technology designed to discover sensitive data, map access rights, and reduce exposure through least-privilege controls. With the acquisition of AllTrue.ai, the company is expanding that approach to include visibility and enforcement across AI systems that interact with enterprise data.
As organizations increasingly deploy AI-powered tools, these systems are no longer limited to analyzing information. Many are capable of reading, writing, modifying, and acting on data autonomously and at machine speed. This evolution introduces a new category of risk, particularly when AI systems operate without clear governance, oversight, or security controls.
By combining AllTrue.ai’s real-time AI observability and enforcement with the Varonis Data Security Platform, the company aims to give customers a unified way to understand what AI systems exist, what data they can access, and how they behave in production environments.
Guardrails for AI behavior
Beyond discovery, AllTrue.ai provides enforcement capabilities intended to prevent unsafe or non-compliant AI behavior in real time. Its platform includes AI Security Posture Management to identify vulnerabilities and misconfigurations, runtime protection to block sensitive data leakage or malicious activity, and AI Detection and Response to generate alerts and audit logs for suspicious behavior.
These controls are designed to operate across different models and tools, reflecting the reality that most enterprises rely on a mix of proprietary models, third-party services, and open-source technologies.
As regulatory scrutiny of AI continues to increase globally, the ability to demonstrate oversight, accountability, and compliance is becoming a priority for large organizations. AllTrue.ai also provides audit reporting aligned to evolving AI regulations and frameworks, which Varonis plans to integrate into its broader governance capabilities.
Implications for enterprise AI adoption
The acquisition reflects a broader shift in how organizations are thinking about AI governance. Security is no longer just about preventing breaches. It is about ensuring that autonomous systems act safely, reliably, and in line with organizational policy.
With the combined platform, Varonis says organizations will be able to identify AI systems and agents, understand what they were built to do, control their behavior in real time, and automatically enforce least-privilege access to sensitive data. The goal is to make AI adoption possible at scale without sacrificing security, compliance, or trust.
As AI becomes embedded in core business processes, moves like this highlight how security vendors are redefining their platforms to meet the demands of a more autonomous, AI-driven enterprise.
AI was meant to cut labor costs. For many organizations, it hasn’t. Here’s why AI ROI is now under scrutiny across APAC.
About Author
