Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Cybersecurity in the Low-Code Age: Emerging Threats and Protective Strategies

Low-code platforms have become a transformative force in the dynamic world of software development. They’ve democratized the designing, building, and deployment of software, which has had a ripple effect across entire industries. Today, with minimal coding expertise, users can craft innovative applications tailored to meet the needs of consumers and businesses alike. But the allure of low-code simplicity also creates a challenge.

Enabling Secure AI Innovations by Citizen Developers

Technology can change in the blink of an eye, and nowhere is this more evident than in the rise of “citizen developers.” Often without formal technical training, these individuals leverage user-friendly platforms to create, innovate, and deploy AI-driven solutions. But with the support of intuitive interfaces, templates, and code snippets come challenges. Security can be a challenge hidden in the simplicity of drag-and-drop designs.

What a Vulnerability in Salesforce Apex Code Means for You

Varonis researchers have recently disclosed that several government agencies and private-sector companies had customized or added features to their Salesforce Apex code that leaked data, allowed data corruption, or allowed an attacker to disrupt business functions. Impacted data included the usual suspects like phone numbers, addresses, social security numbers, and username/password combinations.

Making Sense of AI in Cybersecurity

Unless you have been living under a rock, you have seen, heard, and interacted with Generative AI in the workplace. To boot, nearly every company is saying something to the effect of “our AI platform can help achieve better results, faster,” making it very confusing to know who is for real and who is simply riding the massive tidal wave that is Generative AI.

OpenAI's GPT Store: What to Know

Many are speculating that at long last, OpenAI’s GPT store is set to go live this week. GPT builders and developers received an email on January 4th notifying them of the launch, which has been rumored for months, and likely only delayed due to the drama that has taken place at the company. This blog will summarize what this means for citizen development and how security teams should approach this new technological breakthrough from the AI giant.

Securely Power Up Business Intelligence: Zenity Introduces Security & Governance Support for PowerBI

Businesses of all shapes and sizes are leveraging Microsoft Power BI to find insights within their own data. This standalone tool (not a part of Power Platform, despite its name) has emerged as a powerful tool, empowering all business users, not just trained data scientists, to transform raw data into meaningful insights. From data visualization to interactive dashboards, Power BI has become a cornerstone for decision-making across industries.

Microsoft Copilot Studio Vulnerabilities: Explained

Last week, Michael Bargury and the team at Zenity published a video summarizing 6 vulnerabilities that are found in Microsoft Copilot Studio. The video highlights, in sequence, a myriad of ways that business users can create their own AI Copilots that are risky, why they are risky, and how they can be easily exploited. While I highly recommend checking out the video, this blog sets out to provide a look at why these vulnerabilities matter, and what considerations should be taken to mitigate them.

Zenity Leads the Charge by Becoming the First to Bring Application Security to Enterprise AI Copilots

Microsoft Ignite 2023 was an eventful one, with many announcements across Microsoft’s AI Copilot capabilities. The biggest announcement, in our opinion, is that of Microsoft Copilot Studio, a low-code tool that allows professional and citizen developers to build standalone AI Copilots, as well as customize Microsoft Copilot for Microsoft 365.