In the ever-evolving landscape of cybersecurity, the use of open-source red teaming tools has become indispensable. These tools not only raise awareness about potential vulnerabilities but also encourage security teams to think like attackers so they can begin the process of protecting their organizations against them. By simulating real-world attack scenarios, organizations can better understand their security posture and proactively address weaknesses.

Last week, Google launched Project Mariner, an AI Agent built for the browser, based on the updated Gemini 2.0. Project Mariner is built on top of Google Gemini and can be used to browse the web on your behalf, taking commands from within a Chrome extension and performing autonomous tasks on your behalf.

Low-code development platforms have revolutionized the way organizations build and deploy applications by enabling rapid innovation and empowering citizen developers. However, this democratization of app creation brings new security challenges that traditional security approaches struggle to address. As businesses increasingly rely on low-code solutions, automating security becomes crucial to maintain an adequate defense against evolving threats.

The rapid adoption of AI agents and copilots in enterprise environments has revolutionized how businesses operate, boosting productivity and innovation. We continue to see more and more innovation in this space, between Microsoft Copilot continuing its dominance, and with Salesforce Agentforce recently announced, business users of all technical backgrounds can now even build their own AI agents that act on our behalf.

AI Agents are revolutionizing enterprise efficiency, automating decisions, and enhancing capabilities. But while these agents drive operational improvements, they also introduce unique security challenges. Traditional silos often hinder effective risk management.

AI Agents have become indispensable in modern enterprises, driving efficiency, innovation, and competitive advantage. These agents, which can perform tasks ranging from simple automation to complex decision-making, are transforming how businesses operate. The adoption of AI agents is widespread, with companies leveraging them to enhance customer service, streamline operations, and gain insights from vast amounts of data.

With AI moving faster than ever, businesses are embracing GenAI and Agentic AI to supercharge their development processes, enabling both technical and non-technical users to build, innovate, and automate. However, the need for security in this space has never been more critical. That’s where Zenity comes in and why I’m so excited to join the company, especially at a time of immense growth and expansion given our recent Series B funding.

The landscape of how business gets done at the enterprise level is changing dramatically. At Zenity, we have always believed in the transformative power of business-led development. Since our inception in 2021, our mission has been to empower business users with the tools they need to innovate and drive productivity, while ensuring security teams have robust security and governance measures in place.

Financial institutions must adhere to stringent regulations set forth by the Federal Deposit Insurance Corporation (FDIC) to ensure the security and confidentiality of customer information. Title 12, Chapter 3, Subchapter B, Part 364 of the Code of Federal Regulations is particularly important, outlining the standards for information security that these institutions must follow, especially regarding the handling of customer information and data.

The Zenity Labs team has discovered that non-administrator users can modify existing flows that were connected to Einstein by an administrator, influencing Einstein without having the necessary permissions to edit it directly. In doing so, bad actors can easily insert malicious actions into flows that are triggered by business users throughout the enterprise, including phishing attacks, data exfiltration, and more.