15 Search results for:
See all Current Events Events Product Research Security
Andrew Silberman
23 Feb 2024

What a Vulnerability in Salesforce Apex Code Means for You

The obfuscated nature of custom Apex code that is used in internal Salesforce instances and apps (i.e. Lightning, Lightning Communities)…
Research Security
Andrew Silberman
6 Nov 2023

Potential Data Exposure in ServiceNow: Challenges for Citizen Developers and Security Teams

In a rapidly evolving digital landscape, data security has become a paramount concern within the AppSec community. As organizations embrace…
Research
Yuval Adler
16 May 2023

Microsoft Power Platform DLP Bypass Uncovered – Finding #5 – Parent and Child Flow Execution

Analysis of Microsoft Power Platform’s security features revealed limitations that could expose organizations to security risks, such…
Research
Andrew Silberman
8 May 2023

Zenity Helps Microsoft Identify and Remediate Critical Security Risk in Power Automate Desktop

About seven months ago at Defcon, Zenity CTO Michael Bargury presented security research that discovered and outlined a way to take over…
Research
Yuval Adler
3 May 2023

Microsoft Power Platform DLP Bypass Uncovered – Finding #4 – Unblockable connectors

Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity.  I’m inviting you to read my blog series where I share new…
Research
Uriel Zilberberg
10 Apr 2023

The Cross-Tenant Power Platform Connectors Vulnerability – Are You Safe Now?

What Happened Last week, on March 31st, NetSPI researchers announced that they found a cross-tenant Azure vulnerability in the Microsoft…
Research
Andrew Silberman
2 Apr 2023

NetSPI Finds a Power Platform Vulnerability. 4 Things to Do About It

Recent research from penetration testing company NetSPI found that Azure on-premises data gateways allow Power Platform and Power BI to…
Research
Yuval Adler
8 Mar 2023

Microsoft Power Platform DLP Bypass Uncovered – Finding #3 – Custom Connectors

Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I will share new…
Research
Yuval Adler
14 Feb 2023

Microsoft Power Platform DLP Bypass Uncovered- Finding #2 – HTTP calls

Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I will share new…
Research
Yuval Adler
31 Jan 2023

Microsoft Power Platform DLP Bypass Uncovered- Finding #1

Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I share new…
Research
Michael Bargury
19 Sep 2022

ZAPESCAPE: Organization-wide control over Code by Zapier

In the middle of March 2022, Zenity research team discovered a sandbox-escape vulnerability in Code by Zapier, a service used by Zapier to…
Research
Michael Bargury
19 Sep 2022

ZAPESCAPE: Vulnerability Disclosure

Date: March 16th 2022 Severity: High Security impact: Privilege Escalation, Data Leakage, Data Manipulation Intro This document is the…
Research
Load More