Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Introducing the Zenity Attack Graph: Visualize Low-Code/No-Code Risk with Full Context

On paper, applications are created to be useful tools that solve specific business needs. Think of an application that tracks all ongoing projects for a product manager, an automation that triggers emails to prospective customers when they fill out a marketing form, or a flow that sends aggregated payment information to a finance manager. While all these applications are fairly straightforward, and seemingly used for singular cases, they are anything but.

Remediation Ballet Is a Pas de Deux of Patch and Performance

Generative AI capabilities continue to make their way into every organization, with increasingly useful ways of helping employees and contractors be more productive. This includes advancing how fully automated vulnerability remediation works, and with the power of generative AI, is able to take into account unique environments and uses in real-time.

Unboxing the Salesforce AI Cloud Announcements

On June 12th, Salesforce announced ‘AI Cloud,’ which aims to embed generative AI capabilities throughout their market leading CRM tool in an effort to enhance productivity for all Salesforce CRM users. The announcement features eight different sections: Sales GPT, Marketing GPT, Slack GPT, Flow GPT, Service GPT, Commerce GPT, Tableau GPT, Apex GPT.

ServiceNow and NVIDIA Team Up: What to Know

A couple weeks ago, ServiceNow and NVIDIA announced a groundbreaking partnership to help expand ServiceNow’s generative AI use cases for their customers to strengthen workflow automation and rapidly increase productivity. ServiceNow is also helping NVIDIA streamline its IT operations by using NVIDIA data to customize NVIDIA NeMo foundation models running on hybrid-cloud infrastructure.

An Explainer for how AI and Low-Code/No-Code are Friends, not Foes

In today’s rapidly evolving digital landscape, organizations not only seek out, but need to harness the power of emerging technologies to stay ahead of the competition. Two of the most promising trends in the tech world are generative AI and low-code/no-code development. Generative AI, in particular, has generated the majority of the headlines, with seemingly infinite use cases to spur productivity for end users and business.

The Power of Low-Code/No-Code Development in Changing Application Development Landscape

The landscape of application development is constantly evolving, driven by technological advancements and changing user demands. Over the past few years, we have witnessed the rise of generative AI, the “shift left” approach, and the increasing prominence of low-code/no-code development.

Who is Securing the Apps Built by Generative AI?

The rise of low-code/no-code platforms has empowered business professionals to independently address their needs without relying on IT. Now, the integration of generative AI into these platforms further enhances their capabilities and eliminates entry barriers. However, as everyone becomes a developer, concerns about security risks arise.

Microsoft Power Platform DLP Bypass Uncovered - Finding #5 - Parent and Child Flow Execution

Analysis of Microsoft Power Platform’s security features revealed limitations that could expose organizations to security risks, such as difficulty enforcing DLP policies for pre-existing resources and issues with HTTP calls or custom connectors.

Zenity Helps Microsoft Identify and Remediate Critical Security Risk in Power Automate Desktop

About seven months ago at Defcon, Zenity CTO Michael Bargury presented security research that discovered and outlined a way to take over Microsoft Power Automate enabling bad actors to send ransomware to connected machines by using Power Automate as it was designed. By simply taking over an endpoint, our research showed that attackers can run their own payloads and execute malware by assigning machines to a new administrative account using a basic command line.