Summer Release 2025: Stop Ransomware Faster, Spot Insider Risk Sooner, and Prove Access is Correct

Ransomware crews do not kick in the front door anymore, they borrow a badge and move like insiders. AI assistants can surface regulated data in a blink. And sprawling permissions make even basic audit questions hard to answer. The Summer Release arriving August 12 adds a sharper answer from the LightBeam platform: real time ransomware containment, adaptive User Entity Behavior Analytics, and scalable Access Review that ties people, content, and permissions together. Add visibility for Microsoft Copilot activity and faster, cleaner consent control through Google Tag Manager, and you get a release built to turn noisy alerts into action.

The through line is identity centric security. Discover sensitive data, map it to real humans, govern access, and automate privacy work in one place, with context that travels from detection to decision to audit evidence. That is how you prevent issues from becoming incidents. It is the job LightBeam was built for.

Ransomware Protection – Turn blast radius into near zero 

The problem is simple to describe and brutal to handle. Encryption or deletion bursts roll across SMB shares and collaboration drives in minutes. Individual tools fire one size fits all alerts with little user context. Analysts pivot between consoles while data disappears.

Ransomware Protection adds a behavioral shield. The platform learns the everyday cadence of each user across sources like SharePoint, Google Drive, and Azure File Share, then flags the spike that signals mass encryption, mass deletion, or silent exfiltration. The moment that spike hits, analysts can cut off the attack in seconds, pausing active sessions, revoking permissions, or isolating compromised identities automatically or with a single click. The Data Identity Graph preserves context, so you see who was affected, which files were touched, and which devices and groups sit in the blast radius. 

Ransomware often looks like business as usual until it is too late. Per user behavioral baselines plus one click containment in the same console move teams from alert fatigue to provable resilience.

UEBA – Anomaly detection that knows what is at stake 

Most teams drown in low context alerts while privilege sprawl gives insiders and compromised accounts cover. Traditional anomaly tools treat all files the same and stop at “alert,” which forces manual triage across multiple systems.

The new UEBA module builds adaptive baselines for every workforce identity and service account across connected data sources. It flags significant deviations, for example a five fold spike in file writes. Every event is enriched with data classification, sensitivity, and entitlement context, so analysts immediately see who introduced risk and who was affected. From that same panel, policy playbooks can suspend sessions, revoke permissions, or quarantine files. Analysts move from hunt to decision without changing tools, and high risk anomalies get attention first.

Access Review – Prove least privilege, without spreadsheets 

Enterprises need a reliable way to answer “who has access to whose or what sensitive data, and why.” Roles change, nested groups stack up, and open shares proliferate, which turns quarterly audits into firefights.

Access Review introduces streamlined, audit ready attestations for any drive, folder, group, or user across SharePoint, Google Drive, and SMB shares. After a scan, reviewers see a familiar spreadsheet style view that lists every internal, nested, and external identity with access. From there, data owners and security teams can investigate flagged permissions, initiate remediation, or mark the review complete. Every decision is captured with reviewer, timestamp, and follow up action in an immutable log, and a one click CSV export aligns to SOC 2 and ISO 27001 evidence requirements.

The differentiator is context. The module resolves data accessed to real people through the Data Identity Graph, then overlays sensitive data tags. That means reviewers can finally answer “who exactly can open this salary file and why,” and they can close the loop with remediation in the same console. This is Data Access Governance in practice: determine, manage, and monitor who has access to which data in file repositories, fix oversharing quickly, and maintain an audit trail of permission activity and review outcomes.

Microsoft Copilot Sensitive Data Governance – Visibility where AI meets your data 

As employees ask Copilot to analyze customer spreadsheets or summarize roadmaps, entitlement tools lose sight of what AI actually surfaced. The Copilot data source adds that missing pane of glass. The platform ingests every prompt, every AI response, and any document a user references, for example Excel workbooks, CSV exports, source code, PowerPoint decks, or contracts. The LightBeam platform tags sensitive attributes, checks entitlements, and routes alerts into existing governance and privacy workflows. Security teams get user level insight into where regulated data appears in Copilot conversations, can filter by time range or data type, and can act from the same console.

Cookie Consent with Google Tag Manager – Faster deployment, consistent compliance 

Consent breaks when triggers are wired by hand and logs are scattered across properties. Native Google Tag Manager support fixes that. Teams can install a pre-packaged Lightbeam Cookie Consent tag from GTM, configure category based triggers, and stream consent states, with timestamps, back into the platform for centralized reporting and automation. Vendor tags fire only when the visitor permits it. Privacy officers get a unified consent audit trail, marketing teams get fewer misfires, and developers get out of brittle custom code. 

Small but mighty additions that remove friction 

Not every upgrade needs a long paragraph to change daily work. A few other features arriving with the Summer Release include:

• Role Based Access Control, so administrators can delegate configuration and reviews to the right people with precision while maintaining separation of duties.
• Oracle Cloud Infrastructure deployment support, so organizations standardizing on OCI can bring the platform to their preferred cloud.
• Hybrid deployment options across SaaS, private cloud, and on premises, so data sensitive environments maintain control and meet residency requirements without giving up speed.
• Egnyte data source support, so companies with Egnyte in their collaboration stack get the same discovery, governance, and protection coverage as other repositories.

Attackers adapt constantly, and so do regulations and audit expectations. The required tools keep growing in number, yet gaps remain at the intersection of people, content, and permissions. Our Summer Release extends an identity centric approach that discovers sensitive data, maps it to real humans, governs access, and automates privacy workflows in one place. That clarity reduces blast radius during an attack, exposes insider risk before data walks out the door, and turns access certification into a repeatable habit instead of a spreadsheet fire drill.

If you lead security or data governance, you do not need another dashboard. You need a system of record for sensitive data and the humans connected to it, with automation that closes the loop. That is the north star for the LightBeam platform, and our Summer Release moves it forward in practical ways, from ransomware containment to consent and AI oversight.

See it in action 

Join our live webinar on August 19 at 1:00 pm Eastern to see the Summer Release in a demo rich session and get your questions answered. 

Register here for the webinar