Anthropic's Compliance API does two things. It gives enterprise security and compliance teams programmatic access to conversation content from Claude Enterprise, covering chats, uploaded files, and projects. It also surfaces activity events from both Claude Enterprise and the Claude Platform, including user logins, admin actions, and configuration changes. Together, those two data streams make it possible for organizations to apply the same monitoring, DLP, incident response, and identity governance workflows they already run across email, endpoint, and cloud to everything Claude touches in their environment.
All 28 integrations went live simultaneously on May 21, 2026. Anthropic announced the launch through its own blog at claude.com, framing it as a moment where IT and security teams can now govern Claude the same way they govern other applications in their stack. The partner list covers DLP, SASE, data security, SIEM and security operations, identity, eDiscovery, AI security posture management, and AI observability. For CISOs and governance program managers who've been fielding board questions about Claude deployments without a governance architecture to show them, this changes the answer.
Key Terms
Claude Compliance API — A REST API giving enterprise IT and security teams real-time programmatic access to Claude activity data across deployments, replacing manual exports and periodic reviews.
Claude Enterprise — Anthropic's enterprise deployment product, whose conversation content (chats, files, projects) is accessible via the Compliance API for DLP and compliance review.
Claude Platform — Anthropic's developer API, which surfaces activity events (logins, admin changes, API usage) through the Compliance API for SIEM and governance teams.
AI Security Posture Management (AI-SPM) — A category of tools that continuously assess the security configuration and risk posture of AI systems, analogous to cloud security posture management (CSPM) for cloud infrastructure.
Shadow AI — AI tool usage occurring outside official IT procurement and oversight, making it invisible to security and compliance programs.
Why Enterprise AI Governance for Claude Couldn't Wait Any Longer
Claude's enterprise adoption has moved faster than anyone's governance infrastructure. According to the Netskope AI Index, Claude grew from 56.2% to 94.9% enterprise adoption between April 2025 and April 2026 — nearly doubling in twelve months. That deployment happened before organizations had any programmatic way to see what employees were doing inside Claude, what sensitive data was moving through prompts, and whether Claude agents were operating within policy. The governance architecture lagged the deployment by roughly a year.
94.9% Enterprise adoption of Claude as of April 2026, up from 56.2% in April 2025.
Netskope AI Index, 2026.
Proofpoint's 2026 AI and Human Risk Landscape Report put a harder number on the risk: nearly nine in ten global organizations had moved AI assistants beyond pilot, yet 42% had already experienced a suspicious or confirmed AI-related incident. Those organizations were running Claude at scale inside their most sensitive workflows with no continuous monitoring and no integration into the security controls that covered the rest of their environment. The governance gap wasn't theoretical. It was producing incidents before the tooling existed to catch them.
Claude adoption had outpaced governance infrastructure at the majority of enterprise deployments
Security teams had no programmatic access to Claude activity, relying instead on manual log exports and periodic reviews
Employees were sharing sensitive data through AI prompts at a scale that exceeded human oversight capacity
AI agents were accessing production systems and data under service accounts with no audit trail visible to SIEM or DLP platforms
Compliance programs couldn't produce audit evidence of Claude activity because none existed in a format reviewable by existing tools
Identity teams had no visibility into who held admin permissions in Claude, which API keys were active, and which accounts had been orphaned after employee departures
Legal and eDiscovery functions had no way to collect Claude Enterprise conversation data for regulatory review or litigation hold
Adversary use of AI was accelerating in speed and scale, according to CrowdStrike's 2026 Global Threat Report, while enterprises had blind spots in their detection architecture wherever Claude was running
The structural problem was specific. Organizations had security programs built for a world where humans were in the decision loop for every consequential action. Claude changed that clock. An agent that can execute dozens of tool calls across eight systems in three minutes doesn't fit inside a governance architecture designed for review cycles measured in hours. The Compliance API is Anthropic's response to that gap, and the 28 partners that launched alongside it are the ecosystem that makes the response operational.
What Enterprise AI Governance for Claude Looked Like Before This Week
Before the Compliance API, the standard approach was manual. Organizations could generate usage reports from the Claude admin console, export logs in batches, and route them through a workflow someone had built to fit what the console could produce. None of that fed into a SIEM automatically. None of it triggered DLP policies in real time when a developer pasted proprietary source code into a prompt. None of it connected to the identity governance system managing provisioning and deprovisioning across the rest of the stack. Claude activity was a blind spot inside every security architecture it touched.
Shadow AI made the problem larger. Organizations that hadn't officially deployed Claude couldn't see it being used through personal accounts, browser extensions, or API keys created outside the procurement process. And those that had deployed it officially had no continuous visibility — only whatever a compliance team could manually review when someone asked them to look. The lag between when a risky interaction happened and when a security team could theoretically detect it was measured in days or weeks, not minutes. For AI agents running automated workflows, that lag was operationally catastrophic.
The eDiscovery gap deserves specific mention because it's the one that creates the most acute regulatory liability. When a legal hold applies to a specific employee's communications and that employee had been using Claude Enterprise for analysis, drafting, and decision-making, there was no mechanism to collect that data into a reviewable format. The interaction existed inside Anthropic's infrastructure with no path into the litigation hold and no forensic integrity chain that legal teams could rely on in proceedings. That exposure was invisible until an investigation made it visible.
All 28 Integrations — What Each One Does and Who's Behind It
The 28 integrations span seven distinct categories of the enterprise security stack. Each one connects to the Compliance API through the same two-stream architecture — conversation content from Claude Enterprise and activity events from both Claude Enterprise and Claude Platform — but what they do with that data reflects the specific governance problem each platform was built to solve. Here's the full breakdown, category by category.
Category | Partners |
|---|---|
SIEM & Security Operations 5 | CrowdStrike, Datadog, Sumo Logic, Cribl, ReliaQuest |
DLP & Data Security 7 | Proofpoint, Microsoft Purview, Forcepoint, Trellix, Varonis, Cyera, Rubrik |
SASE & Network Security 3 | Netskope, Zscaler, Fortinet |
Identity & Access 2 | Okta, SailPoint |
eDiscovery & Comms Governance 4 | Relativity, Smarsh, Theta Lake, Mimecast |
AI Security Posture Management 6 | Palo Alto Networks, Wiz, Tenable, IBM Guardium, Cloudflare, Snyk |
AI Observability 1 | Geordie AI |
SIEM and Security Operations
CrowdStrike brings Claude audit data into the Falcon platform through an integration authored by Dixon Styres and announced via the company's investor relations arm on May 21, 2026. Falcon Next-Gen SIEM ingests Claude activity and correlates it with the trillions of endpoint, identity, and cloud events already flowing through the platform daily. A developer who logged in from an unusual location and then ran a high-volume file upload into Claude shows up as a coherent behavioral story inside the same investigation timeline that would cover their endpoint and cloud activity. Charlotte Agentic SOAR can trigger automated response based on that correlation, creating cases, running enrichment, and routing to analysts without requiring a human to connect the dots first.
Datadog extends its observability platform to Claude activity, adding AI telemetry to the same infrastructure monitoring dashboards where engineering teams already track application performance, cloud costs, and pipeline health. This matters for organizations running Claude Platform for internal tooling: developer teams can now see Claude API usage patterns alongside the rest of their observability data without switching tools.
Sumo Logic and Cribl play complementary roles on the log infrastructure side. Sumo Logic's integration routes Claude activity logs into its cloud-native SIEM for threat detection and compliance reporting. Cribl, which many enterprises already use to route and transform log data at scale, can now include Claude as a data source in existing pipeline configurations, letting teams direct Claude telemetry into whichever destination their logging architecture already specifies.
ReliaQuest brings Claude activity into GreyMatter, its security operations platform, adding it to the cross-environment visibility that SOC teams use for unified threat detection.
DLP and Data Security
Proofpoint's integration is among the most architecturally comprehensive of the 28. Mayank Choudhary, EVP and GM of Proofpoint's Information Protection, Cloud Security, and Compliance Products Group, framed the problem in his company's announcement: "Organizations cannot succeed with one governance model for people and another for AI." The integration extends Proofpoint's DLP, insider risk detection, and Digital Communications Governance controls to both Claude Enterprise conversation content and Claude Platform activity logs. Organizations can apply the same classifiers, behavioral risk models, and data loss prevention policies to Claude prompts and responses that they already use for endpoint and email. Proofpoint's 2026 AI and Human Risk Landscape Report found 42% of organizations had already experienced AI-related incidents, making this a live-fire governance problem rather than a future risk.
"Organizations cannot succeed with one governance model for people and another for AI."
Mayank Choudhary, EVP and GM, Information Protection, Cloud Security and Compliance, Proofpoint — May 21, 2026
Varonis brings its Atlas AI Security Platform to bear on Claude through an integration announced by Ron Bennatan, VP of AI and Data Security Strategy at Varonis. The framing from Bennatan's announcement was direct: "Every AI system you deploy is a direct path to your data." Atlas connects Claude activity to the underlying data context — what's sensitive, who has access, and whether that access level is appropriate for what the interaction actually touched. Unlike a pure log analysis approach, Varonis maps AI interactions to the data stores they reach, making it possible to detect when a Claude agent is accessing files outside the scope of its intended task, not just that it accessed something.
"Every AI system you deploy is a direct path to your data."
Ron Bennatan, VP of AI and Data Security Strategy, Varonis
May 21, 2026
Microsoft Purview extends its data governance and compliance platform to Claude Enterprise activity, meaning organizations already using Purview for Microsoft 365 compliance can add Claude under the same compliance umbrella without a separate governance stack.
Forcepoint and Trellix bring their respective DLP and security operations capabilities to Claude through the API.
Cyera and Rubrik round out the data security category: Cyera focuses on data security posture management, mapping Claude activity to its data discovery and classification findings; Rubrik adds data protection and cyber resilience capabilities, monitoring Claude interactions against its data management policies.
SASE and Network Security
Netskope's integration connects Claude Enterprise directly into the Netskope One platform, bringing Claude under the same SASE security controls that govern other cloud application access in the environment. Sanjay Beri, Netskope's CEO and co-founder, noted in the company's announcement that the deployment speed of AI had created urgency: "Organizations are rapidly moving beyond experimentation and embracing AI at scale." The Netskope AI Index data underpins why: Claude adoption had nearly doubled in twelve months, and most of that deployment happened faster than the security architecture around it could adapt. Netskope's integration surfaces full asset, identity, and activity visibility for Claude and extends Netskope's data security posture management into AI-generated interactions.
"Organizations are rapidly moving beyond experimentation and embracing AI at scale."
Sanjay Beri, CEO and Co-founder, Netskope
May 21, 2026
Zscaler's integration extends its zero trust exchange to Claude, applying Zscaler's inline inspection and policy enforcement to Claude activity in the same network security posture it maintains for SaaS applications and web traffic. For organizations running Zscaler as their primary network security architecture, this makes Claude a governed application rather than a traffic blind spot. Fortinet's integration brings Claude into the Fortinet Security Fabric, connecting AI activity monitoring to Fortinet's existing threat intelligence and network security infrastructure.
Identity and Access
Okta's integration connects Claude usage into its Identity Security Posture Management (ISPM) product. Ric Smith, President of Products and Technology at Okta, stated that "Identity is the only control plane that matters" when a single compromised identity can open access to an entire AI ecosystem. ISPM surfaces orphaned accounts, dormant admin API keys that haven't been rotated, privilege escalation risks, and offboarding gaps — the specific identity failure patterns that create exposure inside Claude deployments. The integration will be available in beta to organizations running Okta ISPM alongside Claude Enterprise or Claude Platform. Okta's broader AI agent security platform, built through Auth0 for AI Agents and Okta for AI Agents, extends governance across the full lifecycle of Claude agents as first-class identities.
SailPoint announced its Compliance API connector through Chandra Gnanasambandam, its EVP of Product and Chief Technology Officer. The connector extends SailPoint's Identity Security Cloud to Claude Enterprise, allowing organizations to manage users, groups, roles, and Claude AI agents from the same centralized control point that governs access across the rest of the enterprise. SailPoint had already launched its Agentic Fabric product earlier in May, building the infrastructure for agent identity governance; the Claude Compliance API integration makes that governance practical for organizations already running Claude in production. The connector addresses Shadow AI by putting Claude under the same identity lifecycle controls that cover every other critical application, including provisioning, deprovisioning, and access certification reviews.
eDiscovery and Communications Governance
Relativity's integration is the most significant development for legal, compliance, and eDiscovery functions. RelativityOne can now collect Claude Enterprise conversation data directly as a native data source, joining ChatGPT Enterprise and Gemini Enterprise in Relativity's collection library. That means conversation prompt and response data, uploaded files, and projects can be placed under litigation hold, normalized into Relativity Short Message Format, and processed into a reviewable format with the metadata required for legal defensibility. The context here matters for regulated industries: organizations in financial services, healthcare, and legal services now have a documented chain of custody for Claude interactions if those interactions become relevant in regulatory proceedings or litigation.
Smarsh provides electronic communications archiving and supervision for regulated industries, and its integration brings Claude Enterprise under the same supervision and surveillance infrastructure it applies to email, chat, and social platforms. For financial services firms subject to FINRA and SEC record-keeping rules, this makes Claude interactions archivable alongside every other regulated communication channel.
Theta Lake adds AI-native compliance capabilities, applying its review and detection workflows to Claude conversation content for communications compliance programs.
Mimecast rounds out this category by extending its communications security and compliance platform to Claude, adding data retention and supervision capabilities for organizations that already run Mimecast for email governance.
AI Security Posture Management
Palo Alto Networks' integration brings Claude into its Cortex Cloud Data Security Posture Management platform through a four-phase approach: immediate visibility into what sensitive data is moving through Claude, active detection of policy violations and credential exposures, prevention through user coaching notifications, and behavioral anomaly detection for account compromise scenarios. The integration was authored by Arpit Bhatt on Palo Alto Networks' cloud security blog. A developer pasting proprietary source code into Claude, a finance analyst uploading a confidential forecast, an HR partner sharing employee data — each of those interactions, previously invisible to security programs, now flows into Cortex Cloud DSPM with the same inspection logic applied to the rest of the enterprise data environment.
Wiz, now part of Google Cloud following Alphabet's $32 billion acquisition in March 2026, brings the Wiz Security Graph to Claude governance. The integration, authored by Rami McCarthy, Benjamin Read, and Merav Bar on the Wiz blog, gives security teams total visibility into Claude usage, configurations, and identity risks within the Wiz platform. For organizations already using Wiz for cloud security posture management, Claude becomes part of the same risk graph that maps cloud infrastructure risks — meaning a misconfigured Claude deployment can surface alongside the rest of the cloud risk picture rather than existing as a separate audit exercise.
Tenable's integration brings Claude activity data into Tenable One, its Exposure Management Platform. Eric Doerr, Tenable's Chief Product Officer, framed the case at the company's EXPOSURE 2026 conference: "AI is no longer just a productivity tool but a critical asset that requires rigorous governance." The integration enables organizations to audit Claude usage against corporate acceptable-use policies and regulatory frameworks including the EU AI Act, detecting malicious and suspicious activity through the same exposure management workflows already deployed across the rest of the environment.
"AI is no longer just a productivity tool but a critical asset that requires rigorous governance."
Eric Doerr, Chief Product Officer, Tenable
EXPOSURE 2026, May 21, 2026
IBM Guardium extends its data security and protection platform to Claude Enterprise, adding AI-generated interaction monitoring to the same data activity monitoring infrastructure that covers databases, file shares, and cloud data environments.
Cloudflare's integration applies its security capabilities to Claude agent execution environments — a natural extension given that Cloudflare is also one of the infrastructure partners for Claude's managed agents sandbox deployments.
Snyk, which focuses on developer security and code risk, integrates with the Claude Compliance API to extend its security testing and vulnerability management capabilities to Claude deployments in developer workflows, making it possible to apply Snyk's code-aware security intelligence to the AI-generated code that Claude produces inside engineering pipelines.
AI Observability
Geordie AI rounds out the 28 with an AI-native observability integration, extending agentic AI security and governance coverage to Claude through the Compliance API. For organizations that need specialized observability tooling designed for AI-specific behaviors rather than adapted from general infrastructure monitoring, Geordie AI's integration adds Claude to its purpose-built observability architecture.
Sources — Complete Attribution List
Anthropic, "Claude now works with more security and compliance tools," claude.com/blog/compliance-api-security-partners, May 21, 2026 — primary source for the full 28-partner list
Proofpoint, Inc. — Press release, proofpoint.com/us/newsroom, May 21, 2026. Quote: Mayank Choudhary, EVP and GM, Information Protection, Cloud Security and Compliance, Proofpoint
Varonis Systems, Inc. — Press release via Globe Newswire and Manila Times, May 21, 2026. Quote: Ron Bennatan, VP of AI and Data Security Strategy, Varonis
Netskope — Press release via Globe Newswire, May 21, 2026. Quote: Sanjay Beri, CEO and Co-founder, Netskope. Claude adoption stat: Netskope AI Index, April 2026
Okta, Inc. — Newsroom announcement, okta.com, May 21, 2026. Quote attributed to Ric Smith, President of Products and Technology, Okta
SailPoint, Inc. — Press release via Globe Newswire, May 21, 2026. Announcement attributed to Chandra Gnanasambandam, EVP of Product and CTO, SailPoint
Tenable Holdings, Inc. — Press release via Globe Newswire, EXPOSURE 2026, May 21, 2026. Quote: Eric Doerr, Chief Product Officer, Tenable
CrowdStrike Holdings, Inc. — Blog post by Dixon Styres, crowdstrike.com, May 21, 2026. Press release via Business Wire, CrowdStrike IR, May 21, 2026
Palo Alto Networks — Blog post by Arpit Bhatt, paloaltonetworks.com/blog, May 21, 2026
Wiz, Inc. (now part of Google Cloud) — Blog post by Rami McCarthy, Benjamin Read, Merav Bar, wiz.io/blog, May 19, 2026
Relativity — Press release via PR Newswire, May 21, 2026
Proofpoint 2026 AI and Human Risk Landscape Report — 9 in 10 organizations beyond pilot; 42% AI-related incidents
CrowdStrike 2026 Global Threat Report — Adversary AI use accelerating in speed and scale
Anthropic Help Center — "Get started with Claude Compliance API integrations," support.claude.com, May 21, 2026
Our Take
AI Governance Take
What the 28-Integration Launch Means for the Market and for Buyers Right Now
This isn't a partnership announcement with 28 logos. It's the first time a frontier AI platform has connected its governance infrastructure directly to the enterprise security stack at this scale, simultaneously, on a single day. Every other major AI platform that enterprises are deploying at scale — ChatGPT Enterprise, Gemini Enterprise, Microsoft Copilot — is now competing in a market where "we integrate with your existing security stack" has become table stakes. Anthropic moved faster and wider on day one than most observers expected, and the 28 partners that launched alongside it represent relationships that took months to build before this week.
For governance program managers building AI governance programs right now, the practical question is which of the 28 platforms are already deployed in your environment and how quickly you can enable the Claude integration. Proofpoint, CrowdStrike, and Okta combined cover the majority of enterprise security stacks. If your organization runs any of them, Claude governance doesn't require a new vendor. It requires a new configuration. That's a materially different conversation with your CISO and your procurement team than it was last week.
For organizations that don't yet have comprehensive AI security posture management in place, the Palo Alto Networks, Tenable, and Wiz integrations represent the most complete purpose-built approach to governing Claude as an AI-specific risk surface. Palo Alto Networks' four-phase model — visibility, detection, prevention, and behavioral anomaly detection — is the most comprehensive architecture described in any of the 28 announcements. For organizations building an AI security posture program from scratch, that framework is worth understanding before choosing a platform.
The vendor that built a Claude governance integration this week has a named reference point for every enterprise Claude deployment in their pipeline. That's not an accident. Each of the 28 partners spent the first half of 2026 watching Claude adoption accelerate past their customers' governance capacity. The Compliance API gave them the infrastructure to solve it. The organizations that act on that infrastructure first are the ones that won't be reconstructing what happened after the incident.
