Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Zenity Labs team has discovered that non-administrator users can modify existing flows that were connected to Einstein by an administrator, influencing Einstein without having the necessary permissions to edit it directly. In doing so, bad actors can easily insert malicious actions into flows that are triggered by business users throughout the enterprise, including phishing attacks, data exfiltration, and more.

Today, we are excited to announce a significant milestone in our journey to secure enterprise copilots and low-code development platforms by launching our new product; the Zenity AI Trust Layer. This new offering provides full security and governance control for enterprise copilots, and in the first step is focused on Microsoft 365 Copilot. The use of enterprise copilots is undeniably a story in low-code application development.

Salesforce has revolutionized the way businesses operate by providing a robust platform that empowers anyone to harness customer and enterprise data and build their own applications, reports, and dashboards.

As more and more companies adopt low-code platforms and launch AI applications, the need for proper data security has never been greater. While it’s true that low-code platforms give users the freedom to develop powerful AI solutions with minimal programming knowledge or experience, this same level of flexibility also inadvertently exposes applications to potential data breaches.

AI has completely changed how we live, work and play. With its unparalleled efficiency, ongoing learning abilities and its detailed precision, it makes short work out of what used to be more complex and cumbersome tasks. Although AI systems are incredibly powerful and only growing in capacity and scale, they’re not without their challenges. Like other types of programs and infrastructures, AI is not immune to vulnerabilities and security issues.

The rapid rise of low-code and no-code platforms has democratized application development, enabling even non-technical business users to swiftly create critical business applications. However, this accessibility brings new security challenges, particularly with the integration of AI technologies such as copilots, which are used to automate tasks and enhance functionality within these platforms. Zenity enhances the security of these AI-integrated environments by managing and securing AI copilots.

Enterprises are racing to adopt AI copilots and low-code/no-code platforms to innovate and maximize efficiency by placing powerful technology and development tools in the hands of all business users. While the productivity gains are enormous, so are the security risks, as the nature of these copilots and low-code platforms results in a surge of new business apps being created at the enterprise.

Microsoft Fabric is an end-to-end analytics and data platform that covers a wide range of functionality, including data movement, processing, ingestion, transformation, real-time event routing, and report building. The platform allows business users of all technical backgrounds to create, process, and store data and build powerful business tools from a unified platform.

AI has undoubtedly revolutionized various industries, enhancing both efficiency and innovation through low-code and no-code platforms. Yet, this ease of development brings with it an increased burden of security. As business users and developers rapidly build applications, automations, and bots using AI, the complexity and volume of these creations amplify potential security vulnerabilities.

With the democratization of application development, users can now quickly create powerful applications without deep coding skills using AI copilots and low-code/no-code development tools. However, this ease of use can also introduce vulnerabilities, especially since many new developers aren’t well-versed in low-code application security best practices.