SAP and cloud-native cyber threat hunter, Uptycs, have today announced their strategic partnership to integrate AI-driven cyber threat analysis into enterprise security operations.
By implementing its AI platform Juno, Uptycs will provide virtual security analysis by detecting and identifying threats across cloud and on-premise systems, whilst generating strategic insights for decision-makers.
This strategy aims to address the risks associated with autonomous AI agents in security, ensuring teams receive transparency and control during AI experimentation and that analysts receive a comprehensive view of threats.
Roland Costea, CISO and Executive Vice President, Enterprise Cloud Services at SAP, argues that modern cloud security now requires tools that go beyond threat detection to provide actionable, verifiable insights that help teams make strategic decisions and improve overall enterprise security operations.
“Security in today’s cloud‑centric world demands tools that not only detect threats, but elevate strategic decision‑making,” he said.
“Our partnership with Uptycs reflects a shared commitment to verifiable, intelligent cybersecurity solutions that empower teams to stay ahead of risk while transforming how enterprise security operates.”
The Rise of AI-Driven Attacks and Overstretched Security Teams
With the increased uptake of AI-driven threats in the past 12 months, cyber-attackers are using automation and AI to scale phishing, exploit discovery, and lateral movement.
Consequently, traditional security agents struggle to keep up with the speed and volume, leaving organizations vulnerable to faster, more complex attacks and increasing the risk of data breaches and operational disruption.
Security teams and analysts are also spending an increasing amount of time triaging alerts and producing reports to ensure the safety levels of their systems, limiting the ability to focus on complex investigations and proactive threat hunting.
AI hallucination can also cause further lack of trust in cybersecurity settings, as decisions must be evidence-based and defensible.
The convergence of automated AI-driven attacks, overwhelmed security teams, and unreliable AI outputs creates a critical gap in enterprise cybersecurity.
Organizations today are facing faster, more sophisticated threats while their human analysts are overstretched, reducing their capacity to defend strategically.
Glass Box Architecture and Verifiable AI Analysis
SAP’s partnership with Uptycs will combine its AI analyst platform, Juno, with SAP’s enterprise cloud infrastructure and customer base, as well as internal security leadership and operational validation.
Operating with a “Glass Box” architecture, Juno can link outputs to the specific telemetry data, support findings backed by citations, including CVE bases, and trace every insight back to the underlying evidence.
It also uses a unified otology of 150,000 telemetry columns for structured mapping, allowing the platform to understand relationships across logs, systems, and events, anchoring responses in verified internal data and known vulnerability sources rather than generating free-form conclusions.
By improving risk identification, reports that previously required architects to spend weeks of work to create can now be produced in minutes, shortening the time between detection and response.
This allows human analysts to focus on high-value tasks such as complex attack path modeling and strategic risk planning as the AI handles the data-heavy analysis.
This integration links findings to internal telemetry and recognized sources such as CVE databases, making security reports traceable and verifiable, and creating defensible documentation that supports audits, regulatory compliance, and informed board-level decision-making.
By grounding outputs in structured data and citations, the system also reduces the risk of fabricated or unsupported conclusions.
The integration also provides broader coverage and faster analysis to reduce dwell time for the attacker, limiting the potential impact on customer data.
Building Transparent AI for Enterprise Risk Management
Security researchers have identified security issues with platforms such as OpenClaw, an open-source autonomous AI agent framework that allows AI agents to take actions across enterprise tools with limited guardrails and reduced transparency.
As agentic AI adoption increases, the speed at which security and governance frameworks are being fully adapted is not matching this pace.
AI can unintentionally access sensitive datasets outside its intended area, modify configurations that conflict with security baselines, and trigger actions that violate data residence or compliance requirements, often only surfacing after damage occurs.
Without full visibility into what an agent is doing and a lack of verifiable reasoning behind its decisions, this creates both customer and enterprise anxiety around AI autonomy in enterprise environments.
This means that security teams are unable to explain why a control was triggered, or why a system was accessed, weakening governance and post-incident review.
Ganesh Pai, CEO and Founder of Uptycs, highlights how the industry now wants reliable, evidence-based AI in cybersecurity, with this partnership showing how human expertise and transparent AI can work together to shift security from reactive alert handling to strategic risk management.
“The industry is tired of ‘Security Slop’ and AI that guesses,” he said.
“This partnership demonstrates how we can safely combine human and AI capabilities, moving from reactive security to strategic transformation.”
