Ai Mainstream

Obsidian governs AI agent access in SaaS environments

Obsidian Security has introduced a SaaS AI agent defense solution tailored to regulate the data access of AI agents in SaaS environments for enterprises. With SaaS being a prime target within the enterprise infrastructure, Obsidian aims to eliminate the blind spot where unmanaged AI integrations and excessive privileges of AI agents pose significant risks.

The recent Salesforce attack (UNC6040) involved threat actors using voice phishing tactics to gain initial access and execute bulk API queries for extensive data theft and extortion. The Salesloft Salesforce incident (UNC6395) highlighted vulnerabilities in SaaS-to-SaaS integrations, showing how a compromised chatbot integration led to unauthorized access across various platforms such as Google Workspace, Slack, Amazon S3, Microsoft Azure, and more.

The increasing adoption of AI agents intensifies the security challenges in SaaS environments. Platforms such as Microsoft Copilot Studio, ChatGPT Enterprise, Salesforce Agentforce, and n8n allow employees to build and deploy agents within SaaS applications independently, with the ability to perform tasks, access data, and make decisions autonomously.

These agents often possess broad privileges and long-lasting tokens, and they handle sensitive business data swiftly. If compromised, they can leak data, escalate access levels, and move laterally across interconnected SaaS applications, causing significant harm.

Hasan Imam, CEO at Obsidian, emphasized the ongoing shift towards AI agents and the associated risks faced by enterprises during secure adoption. He noted that many enterprises have enabled Microsoft Copilot with a high percentage of agents having access to sensitive data while being over-permissioned.

Security tools currently lack visibility into machine-driven activities and struggle to enforce controls as quickly as autonomous agents act. Sunil Seshadri, EVP and CSO at HealthEquity, stressed the importance of speed in containing security incidents involving AI agents that trigger workflows within seconds across multiple SaaS apps.

Obsidian stands out in addressing security risks posed by autonomous AI agents in SaaS environments with its unique approach utilizing a comprehensive threat dataset repository enriched with real-world intelligence. The Obsidian Knowledge Graph offers a unified view of user and agent activities along with identity privileges to help security teams govern agentic AI usage effectively.

Khanh Tran, CPO at Obsidian, highlighted how their Knowledge Graph revealed instances where AI agents were granted excessive permissions compared to actual user entitlements. By integrating popular AI platforms with their Knowledge Graph, security teams can proactively manage risks arising from AI agents in SaaS environments.

This product launch enables enterprises to securely expand their AI agent development capabilities. Key features of this release include live inventory tracking of every AI agent’s activities for better oversight, continuous observability of agent access across SaaS environments for compliance monitoring, and proactive detection of misuse or privilege escalation attempts by AI agents before they cause widespread damage.