BigID is the first and only data security platform to discover, classify, and secure sensitive data inside AI instruction files

NEW YORK, April 29, 2026 /PRNewswire/ — BigID, the leading data security and AI governance platform, today announced support for Markdown (.md) file scanning and classification. With this capability, BigID becomes the only DSPM solution capable of discovering, classifying, and securing sensitive data embedded in the AI instruction files that power today’s coding tools, agent frameworks, and developer workflows.

The Problem: A Blind Spot Security Teams Don’t Know They Have

As vibe coding and AI-native development become standard enterprise practice, a new class of sensitive artifact has emerged: the AI instruction file. These Markdown documents tell AI models how to behave, what systems to access, and how to handle business-critical operations. Common examples include Claude skills, Cursor rules, GitHub Copilot instructions, MCP server configurations, and custom agent system prompts.

By design, developers load instruction files with the context that makes AI tools effective:

• Internal API structures and access patterns
• Database schema details and authentication flows
• Proprietary business logic and deployment architecture
• Credentials, tokens, and API keys

These files are plaintext Markdown: human-readable, but invisible to every DLP and DSPM tool on the market. Traditional security tools were built for structured data. They cannot parse what’s inside an unstructured .md file, and most organizations have no idea how many of these files exist across their repositories, shared drives, and developer environments.

What BigID Now Enables

With Markdown file support, BigID delivers end-to-end visibility and control over AI instruction files across the enterprise:

• Discovery: Find .md files across cloud storage, code repositories, collaboration platforms, and developer workstations
• Classification: Identify sensitive data within Markdown content, including PII, credentials, API keys, proprietary IP, and internal access patterns
• Risk scoring: Assess exposure by file, data type, and owner, and prioritize what needs immediate action
• Remediation: Restrict access, quarantine files, alert data owners, and integrate with existing security workflows
• Broad format coverage: Claude skills, Cursor rules, GitHub Copilot instructions, MCP server configurations, and custom agent system prompts

Why It Matters Now

Vibe coding — the practice of directing AI coding assistants with natural language to generate entire applications — has dramatically accelerated how fast instruction files proliferate and how much sensitive context ends up inside them. The faster developers move with AI, the more they front-load instruction files with internal system context to get better output. The volume of these files is growing faster than any manual review process can handle.

Traditional DLP and DSPM tools cannot keep up. They excel at structured data: databases, cloud buckets, SaaS platforms with defined schemas. A credential fragment inside a developer instruction narrative will not match a DLP pattern. An API key embedded in a workflow description goes undetected. The result is a fast-growing layer of sensitive data living in repositories and shared drives, outside the reach of every security control in place.

“Markdown files are the new shadow data,” said Dimitri Sirota, CEO of BigID. “They are everywhere in modern development environments, human-readable but invisible to security tools, and they contain more sensitive context than most security teams realize. BigID can now find, classify, and protect what is inside them, and that matters enormously as agentic AI becomes the default way enterprises build software.”

Learn more:

• Your .md Files Are a Security Problem. Here’s Why Nobody’s Talking About It.
• Take an interactive tour to explore how BigID helps reduce risk

About BigID

BigID is the only AI-native platform built to secure data and govern AI across the enterprise. BigID helps organizations discover, classify, protect, and manage sensitive data at scale, from cloud storage and databases to SaaS applications, code repositories, and AI systems. BigID has been recognized for innovation as a World Economic Forum Technology Pioneer; by Forrester as a Leader in Sensitive Data Discovery and Classification; named to the Forbes Cloud 100; the Inc 5000 for 5 consecutive years; the Deloitte 500 for 5 consecutive years; Market Leader in Data Security Posture Management (DSPM); and an RSA Innovation Sandbox winner.

View original content to download multimedia:https://www.prnewswire.com/news-releases/bigid-extends-dspm-to-markdown-files-closing-a-critical-data-security-gap-in-the-age-of-vibe-coding-302757640.html

SOURCE BigID