Salesforce announces initiatives to bring trust and governance to AI agents

A company that’s bet its future on AI agents knows you must be able to trust agents’ actions when they engage with customers and employees. 

So, it’s no surprise that Salesforce today unveiled a set of governance, security and compliance capabilities to help organizations deploy trusted AI agents. 

Salesforce’s State of IT survey, a global survey of more than 2,000 enterprise IT security leaders, put numbers to the issue of AI agent trust. Nearly half (48%) worry their data foundation can’t get the most out of agentic AI, and 55% aren’t fully confident they have appropriate guardrails to deploy agents.

The new capabilities are designed to address those concerns. They allow customers to govern data across the entire Salesforce platform, whether from inside or outside of Salesforce applications.

Salesforce uses several products to create trust and data governance, including Agentforce, Salesforce Data Cloud, MuleSoft and Trusted Services (including capabilities from the recently acquired Own, Shield, and the Trust Layer).

Dig deeper: 10 must-use marketing updates in the Salesforce Summer 2025 releases

The company says these deliver a fully integrated, enterprise-grade foundation for trusted, governed and secure AI, in contrast to fragmented point solutions available elsewhere. Agentforce runs natively on the platform, providing control, visibility and assurance at every stage of agent deployment. 

The capabilities range from Zero Copy data access and built-in policy enforcement to real-time monitoring and AI behavior transparency. They include:

• Salesforce Backup & Recover: Formerly known as Own Recover, this provides 100% protection of Salesforce data and metadata, including automated backups and restoration down to the field level.
• Salesforce Archive: This is for compliance with regulatory requirements and internal data retention policies. It can also optimize performance by only working with relevant data.
• Data Mask and Seed: Protect and seed Sandbox data at scale, making it easier to test and deploy AI agents safely and efficiently.
• Shield 2.0: Provides greater visibility into user activity and behavior, including proactive threat detection and easier compliance reporting.
• Security Center 2.0: Simplify security posture management, including faster data classification and greater visibility into risks, including new automated risk assessments from Own Secure.

“The promise of AI for the enterprise is immense, but realizing it requires a foundation of trusted data and secure development,” said Rahul Auradkar, EVP & GM, Data Cloud, in a statement. “By seamlessly unifying data with Data Cloud, providing intuitive low-code tools to build smarter agents, and embedding governance and security from the ground up, we are empowering every customer to deploy enterprise-grade AI that is both powerful and responsible.”

Dig deeper: Salesforce Agentforce: What you need to know

There are also capabilities to help developers build and test Agentforce agents before they go into production.

With its sandbox environments and Agentforce Testing Center, Salesforce provides tools to help teams build secure agents and validate behavior in an isolated environment using realistic test data, ensuring reliable and responsible performance before deploying in production.

Testing center enhancements, including Synthetic Data Generation and State Injection, will allow customers to test their Agentforce faster by creating realistic test cases in bulk. By adding context variables and conversation history as inputs to test cases, customers can also test how Agentforce reasons through different scenarios.

Users can also control how Agentforce reasons through requests by using custom or conversation variables to store additional key information, such as whether a customer is verified or the results of a search query. Then, they can apply filters that use that cached information to make certain topics and actions unavailable.

With built-in guardrails, Agentforce can be steered through text-based instructions, variables and filters that ensure it does things in the right order. With its instruction adherence checks, Agentforce will let builders know when it is potentially veering off course and provide the ability to troubleshoot by recommending enhanced instructions.