Tel-Aviv, Israel
2021
  |  By Cinthia Portugal
Anthropic’s Claude Tag represents a meaningful shift in how AI agents operate inside the enterprise. Unlike traditional AI assistants that act on behalf of an individual user, Claude Tag introduces a shared AI agent with its own identity, credentials, service accounts, and permissions. That shared agent lives inside a Slack channel, builds context over time, connects to enterprise systems, and performs work for everyone in the conversation.
  |  By Cinthia Portugal
For the past two decades, enterprise security has evolved around a relatively stable assumption: software executes instructions, people take actions, and security teams are responsible for understanding and governing the interaction between the two. The technologies have changed. Infrastructure moved to the cloud. Applications became distributed. Identities expanded beyond employees to include partners, contractors, and machines. Yet the underlying model remained remarkably consistent.
  |  By Ben Hanson
The regulatory landscape for agentic AI is moving faster than most compliance programs are tracking. CISOs who wait for final guidance before building their compliance posture will find themselves in catch-up mode at exactly the wrong moment and, in some cases, already behind.
  |  By Cinthia Portugal
The next government security challenge isn’t AI models, it’s AI agents. Zenity and Carahsoft are helping agencies prepare. Across government agencies, AI agents are already interacting with sensitive data, mission-critical workflows, and public services. Yet most organizations still lack visibility into where these agents are deployed, what they can access, and how they behave once operational. The result is a growing governance gap between AI adoption and AI security.
  |  By Cinthia Portugal
Many organizations still use the terms AI governance and AI security interchangeably. While they are closely related, they address fundamentally different challenges. Governance establishes accountability, defines acceptable use, manages risk, and helps organizations align AI adoption with business, legal, and regulatory requirements. Security focuses on understanding and controlling behavior.
  |  By Greg Zemlin
We are excited to share that Zenity now integrates with Claude's Compliance API to bring Claude activity into the same AI security and governance platform enterprises already use to govern agents across the business. By combining Claude's Compliance API telemetry with Zenity's native agent security capabilities, security teams gain the visibility, posture controls, and real-time enforcement needed to secure Claude across the full agent lifecycle.
  |  By Chris Hughes
Identity tells us an agent is allowed to act, intent tells us why it is acting. In an agentic world, only one of those questions actually predicts whether your environment is about to break.
  |  By Chris Hughes
Least privilege is foundational. It's been a core security principle for decades, and it's no less relevant in agentic AI environments. An agent shouldn't hold permissions beyond what its task requires, and remediating over-permissioned agents is one of the highest-value quick wins available to any agentic AI security program. But here's what the security industry has been slow to acknowledge: correctly implemented least privilege still isn't sufficient.
  |  By Taylor Roberts
The Trump administration has spent much of its second term removing regulatory constraints on AI development. On June 2, it added one back voluntarily and carefully. Earlier this week, President Trump signed "Promoting Advanced Artificial Intelligence Innovation and Security" after months of internal debate, a last-minute pull of the signing in May, and a compressed final timeline. The result of this tumult is an order that strikes a deliberate balance.
  |  By Kayla Underkoffler
At Zenity, we like to say we don't only exist on the bleeding edge; we are the bleeding edge. It's a defensible claim. Zenity Labs consists of multiple teams focused on various technical disciplines within the security industry, and while the Labs moniker sits loosely over the group, the work it produces tells a unified story around AI Agent security.
  |  By Zenity
Zenity's low-code security research team is exposed to real world low-code applications on a daily basis, and we're glad to share our knowledge in this domain in order to help you to design and develop secure low-code applications.

Continuously protecting all low-code/no-code applications and components! Design and implement governance policies, identify security risks, detect emerging threats and drive automatic mitigation and response.

Low-code/no-code development and automation platforms are the wave of the future. The largest companies in the world are already adopting low-code/no-code development for their core business units. But with all their benefits, low-code/no-code development brings with it a host of governance challenges and risks that are unaddressed by existing InfoSec and AppSec solutions.

Zenity, the first and only governance and security platform for low-code/no-code applications, creates a win-win environment where IT and information security can give business and pro developers the freedom and independence they want in order to continue pushing their business forward while retaining full visibility and control.

Our Platform:

  • Discover: Identify shadow-IT business applications across your low-code/no-code fleet and track sensitive and business data movement.
  • Mitigate: Identify insecure, vulnerable and risky configurations. Drive mitigation and remediation immediately.
  • Govern: Design policies and implement automatic enforcement. Eliminate risks without disrupting business.
  • Protect: Detect suspicious and malicious activity, such as supply-chain attacks, malware obfuscation and data leakage.

Governance and Security for Low-Code/No-Code Applications.