How would you explain third-party tokens to friends and family this Thanksgiving? 🔑 🍽️ Comment below 👇
AppOmni
Computer and Network Security
Bay Area, California 11,671 followers
Prevent SaaS Data Breaches.
About us
AppOmni pioneered the SSPM category in 2018 and is the leader in SaaS security, enabling customers to achieve secure productivity with their SaaS applications. With AppOmni, security teams and SaaS application owners quickly secure their mission-critical and sensitive data from attackers and insider threats. The AppOmni Platform continuously scans SaaS APIs, configurations, and ingested audit logs to deliver complete data access visibility, secure identities and SaaS-to-SaaS connections, detect threats, prioritize insights, and simplify compliance reporting. The largest global enterprises across industries trust AppOmni to simplify their SaaS security.
- Website
- https://appomni.com
- Industry
- Computer and Network Security
- Company size
- 201-500 employees
- Headquarters
- Bay Area, California
- Type
- Privately Held
- Founded
- 2018
- Specialties
- Cloud Security, SaaS Security, SaaS Compliance, SSPM, SaaS Security Management, SaaS Configuration Management, SaaS Misconfiguration Management, ServiceNow Security, Salesforce Security, Microsoft 365 Security, Google Workspace Security, Workday Security, 3rd Party SaaS Risk, SaaS Visibility, Identity Centric Visibility, Federal Government Compliance, and Threat Detection
Products
AppOmni
SaaS Management Software
AppOmni is the leader in SaaS Security and enables customers to achieve secure productivity with their SaaS applications. With AppOmni, security teams and SaaS application owners quickly secure their mission-critical and sensitive data from attackers and insider threats. The AppOmni Platform continuously scans SaaS APIs, configurations, and ingested audit logs to deliver complete data access visibility, secure identities and SaaS-to-SaaS connections, detect threats, prioritize insights, and simplify compliance reporting. 5 of the Fortune 10, global enterprises across industries, and technology integration partners trust AppOmni to secure their SaaS applications. AppOmni is recognized by 2024 Great Place To Work, Forbes America’s Best Startup Employers 2024, Fortune Cyber60, Leader in GigaOm's 2024 Radar Report for SSPM, and 2024 CRN Stellar Startup for the second year in a row. For more information, visit AppOmni.com.
Locations
- Primary: Bay Area, California, US
Updates
-
AppOmni reposted this
"The scale of the Gainsight compromise underscores that many organizations did not apply the lessons they should have learned from Drift, leaving large portions of their SaaS supply chain exposed." I can't stop thinking about that quote from Brian Soby on the #Salesforce Gainsight breach because it covers exactly what I and other important voices in this ecosystem are saying: security is a never-ending commitment. Do not wait to apply appropriate security measures until after an attack has happened. Do not assume this kind of breach will not happen to you. Data is now more powerful than ever, and it is our responsibility to protect it. Check out more on the latest situation in my post here: https://lnkd.in/ew2twrkr
-
-
⚠️ Newsflash: malicious actors can exploit default configurations and silently recruit ServiceNow Now Assist AI agents for unauthorized actions. The Hacker News shares more about Aaron C.'s latest research into exploiting agent-to-agent discovery via prompt injection. "This research highlights that the secure configuration of AI agents is just as important, and sometimes more effective, than protections applied within the prompts of agents themselves." — Aaron Costello, Chief of Security Research. Get the full scoop with the link in the comments.
-
-
🚨 Salesforce Gainsight incident: what you need to know https://hubs.la/Q03VhRTL0
Yesterday at 8:00PM PT, Salesforce issued an advisory regarding unusual activity tied to Gainsight-published apps that allowed unauthorized access to customer Salesforce data. AppOmni Scout, our new managed threat hunting service, is monitoring Gainsight IoCs for our current customers and recommends taking these actions immediately:
✅ Review connected apps and OAuth scopes
✅ Rotate your credentials and monitor for suspicious activity
✅ Set up detections / alerts, tighten policies, and more...
-
-
AppOmni reposted this
Big day today for ServiceNow AI security with two HUGE pieces of news. The first is that we just launched AppOmni AgentGuard for ServiceNow. This is the most profound feature / mini-product I've ever built for so many reasons. One of these reasons being that it's the FIRST security tool on the market with the suite of capabilities that it has. But this isn't just a security tool, it's an enablement tool for your organisations to safely build AI agents on ServiceNow. The real question is, how? Here's a 'little' summary.
● Prompt Injection Firewall
◆ Block and detect prompt injection attacks against Now Assist AI agents in (actual) real-time.
◆ Quarantine repeat-attackers from using AI agents, with automatic time-based and/or manual un-quarantine options.
◆ Real-time alerts for attacks which are HIGHLY enriched. We correlate a crazy amount of data sources so that SOC teams can begin forensics immediately.
◆ Not browser-based, so don't worry about missing unmanaged users or off-browser Now Assist AI integrations with platforms like Slack.
● AI DLP Violations
◆ Detects and blocks classified / sensitive data being used by AI agents.
◆ Ships with several DLP policies out-of-the-box, such as SSNs.
◆ Build your own DLP policies in seconds.
◆ Full privacy. Your classified data is NEVER shown to AppOmni.
● Action Analysis
◆ Real-time monitoring and alerting in AppOmni of suspicious actions that agents take which deviate from intended tasks and instructions.
● Highly Configurable
◆ Full control to the customer, turn it on and off as you please or switch modes between monitor only and block mode.
◆ Pick exactly how aggressive you want the firewall to be.
◆ Use AI DLP standalone, or in conjunction with the prompt firewall. Mix and match modes as you please.
◆ Customise the messages that the end users see depending on the type of violation.
◆ Quarantine users, or don't. But if you choose to, YOU get to set the conditions for it.
◆ Choose exactly who and who NOT to monitor for prompt injection attacks. This might simply be everyone, or it can be users with particular role(s) and / or group(s).
There are many many more. To name a few of my favourites: AI agent inventory, and the ability to autonomously monitor over 90 ServiceNow AI specific settings to detect deviations in secure configuration (including the AgentGuard configuration(s)!) from the AppOmni platform. So if you're a ServiceNow customer that's already adopted AI or plan to in the future but you're just not quite feeling *safe* enough to deploy it to prod yet, you really need this. Read more here: https://lnkd.in/eee4mR2u #ai #servicenow #aispm #sspm #saas
-
AppOmni reposted this
The SECOND big piece of news today for those that saw my previous post, is that I've simultaneously released new ServiceNow research that shows exactly why you need AppOmni AgentGuard. This research was alluded to in a security advisory sent out by ServiceNow in an email just two days ago. In my latest article, I discuss a net new and novel attack vector that takes advantage of ServiceNow's agent-to-agent discovery mechanism to escalate second-order prompt injection attacks. In essence, I was able to manipulate a simplistic AI agent to effectively recruit more 'powerful' agents on its team to fulfil a malicious task that it was not able to complete itself. This can be viewed as not only a privilege escalation of the user, but in a sense, a privilege escalation of the AI agent too. Read more about this attack vector here: https://lnkd.in/e7pB7S6K #ai #saas #servicenow #cybersecurity #research
-
-
FACT: AI agents can be turned against their own systems. New research from Aaron C. reveals how second-order prompt injection exploits agent-to-agent collaboration in ServiceNow’s Now Assist: even with protection features enabled. https://hubs.la/Q03V2X7b0 This research reveals how attackers can exploit ServiceNow’s Now Assist and the unauthorized actions that can come from it. 🔍 Read the full research and how AppOmni AgentGuard can defend against these types of attacks.
-
-
‼️ AI agents are likely part of your daily workflow, but also contribute to a larger attack surface. That’s why we've expanded our AISPM capabilities and are proud to introduce Agentic AI Security for #ServiceNow: https://hubs.la/Q03T-LDk0 With AppOmni AgentGuard, orgs can safely embrace AI inside ServiceNow while still maintaining strong security and compliance. See how our evolved AISPM capabilities are helping monitor and stop malicious AI prompts…before they cause harm. Plus: New research from Aaron C., AppOmni's Chief of Security Research, who reveals how second-order prompt injection turns AI agents against their own systems {link in the comments}
-
AI expectation: “AI will fix everything!” 🤩 AI reality: Its true power lies in expanding possibilities. Real talk: AI isn’t a magic wand. 🪄 As AppOmni’s Director of AI, Melissa R., explains, #AI has been promoted in ways that create unrealistic assumptions about its capabilities: “People have much, much higher expectations, or dreams, and still, a lot of people believe GenAI is just pure magic and can do everything.” Learn about the AI bubble, what’s really changing with AI, and the caution every company should take, in IT Brew. 🗞️ https://hubs.la/Q03TxFX20
-
-
🔐 Synthient leaks = billions of credentials, billions of new SaaS attack paths. These exposed credentials are now fueling SaaS account takeovers (Midnight Blizzard attack, anyone?!). Why this matters: Even a single successful login can let attackers escalate privileges, grant malicious OAuth apps, and move laterally across connected SaaS environments: turning one compromised account into an enterprise-wide breach. Cory Michal explains more about this Synthient dump and how AppOmni can help stop credential-based intrusions: https://hubs.la/Q03Tm8Gz0
-