HYCU has announced HYCU aiR (AI Resilience), an AI-native solution that turns backup data across dozens of applications into a live and actionable intelligence for security, compliance, and IT teams.
aiR lets organizations search, query, and run purpose-built agents to surface insider risk, sensitive data exposure, identity drift, and AI agent activity, using their backup data. Every backup is a timestamped record of what happened inside an organization’s applications. HYCU aiR is the first solution built to read it.
AI activity has outpaced human-scale oversight. Atlassian, Microsoft 365, Salesforce, GitHub, and other applications and platforms are no longer playgrounds, but rapidly evolving systems of record where AI agents and copilots do most of their work. The conventional response is to buy more visibility: DSPM for sensitive data, insider risk platforms, identity governance, behavioral analytics.
Each is useful, narrow in scope, and priced for enterprises that can afford a dedicated team to run it. Stack the categories together and the visibility bill alone exceeds what most midmarket organizations spend on their entire security stack.
Most organizations cannot make that math work. The applications their people work in, including Salesforce, GitHub, Jira, Confluence, Box, and Okta, remain unclassified and unmonitored. The questions never get asked. Is there PCI data in Confluence? Is there PHI in Salesforce? Is there a user systematically exporting critical data in Box? The tools built to answer them are priced for the Fortune 500, not the midmarket healthcare and financial services firms where the gap is widest.
“For two decades, security tools watched what happened inside applications and backup tools stored the record of it. The two never spoke,” said Simon Taylor,CEO, HYCU. “That worked when data changed slowly, and humans were the only ones touching it. Neither is true anymore. Between SaaS sprawl and AI agents acting at machine speed, most companies can’t tell you what they have, let alone what changed in the last hour. Resilience now means knowing what you had, what changed, who changed it, what data was impacted, and recovering immediately. aiR delivers intelligence. R-Cloud delivers recovery. That’s what resilience looks like.”
How HYCU aiR works
HYCU aiR adds significant capabilities to HYCU R-Cloud.
Natural language search across backups. Organizations can ask plain-language questions of their backup data: “Show me all files containing passport numbers across our Salesforce and Microsoft 365 backups.” “Flag every permission change in our Okta environment over the last 90 days.” “Identify which AI agents accessed customer records in the past month.” With the information already contained in HYCU backups, aiR makes it queryable, from the first snapshot, with no configuration required.
An Agent Garden of purpose-built agents. Each agent reads the same backup data and answers a different question. Regulated Data and IP finds PII, PHI, financial records, and intellectual property scattered across protected applications. Insider Risk detects unusual access patterns and behavioral anomalies. Configuration Drift compares snapshots over time to identify settings that changed without authorization. IAM Posture Management tracks identity drift and access policy violations. Anomaly Detection spots unusual data patterns that signal compromise. Agent Governance monitors AI agent activity across the protected estate. Customers extend the garden by building and publishing their own templates, creating agents that ask the questions specific to their compliance regime, their industry, and the way their organization actually works.
Every agent reads from the same source: data the organization was already protecting. Because every query runs across every protected application at once, HYCU can surface thousands of cross-application insights no point tool could produce. The intelligence was always there. HYCU is the first to treat backups as a memory rather than as insurance.
“AHMC Healthcare backups are very important to our ability to respond safely and efficiently in an event that requires us to recover quickly,” said Ash Shehata, CIO, AHMC Healthcare.
“With HYCU aiR it will provide us the first way to read what our backups already know. This capability offers us a complete, time-stamped record of every file touched and every configuration adjusted, empowering AHMC to ask our backups in plain English for quick and efficient understanding of the data landscape. Prior to this it would take days or weeks to review logs and significant manpower. With aiR it’s a game changer and it puts the power back in our hands! I feel that CIOs can sleep better now knowing their backups are AI-enabled and are safeguarding their data,” Shehata continued.
Coverage that compounds intelligence
The value of backup intelligence scales directly with what you back up. A vendor protecting virtual machines and Microsoft 365 can surface insights only from those two environments. HYCU protects more than 100 unique workloads, including on-premises infrastructure, every major cloud, SaaS systems of record, DevOps toolchains, identity platforms, collaboration tools, databases, and AI workloads such as vector databases and data pipelines.
That breadth is what makes aiR’s economics work. Insights from 100 protected applications are not ten times the insights from ten. They reveal cross-application patterns no single-workload tool can surface:
- An identity change in Okta that quietly cascades into Salesforce and GitHub permissions
- An AI agent that read customer records in Confluence and wrote output to SharePoint
- Regulated data that left a sanctioned application six months ago and now lives in three places no compliance team has mapped
“HYCU built the broadest protection coverage in data protection precisely because the organizations they serve cannot afford gaps,” said Enrique Salem, Partner, Bain Capital Ventures. “aiR turns that coverage into a security intelligence advantage that purpose-built visibility tools spend years and hundreds of millions in customer budgets trying to replicate. The economics here are fundamentally different, and that matters enormously to the midmarket organizations that make up the largest underserved segment in security.”
