The Zenity Blog

January 23rd, 2024

Making Sense of AI in Cybersecurity
Unless you have been living under a rock, you have seen, heard, and interacted with Generative AI in the workplace. To boot, nearly every company is saying something to the effect of “our AI platform can help achieve better results, faster,” making it very confusing to know who is for real and who is simply…
Blog
15 Search results for:
See all Current Events Events Product Research Security
Andrew Silberman

What a Vulnerability in Salesforce Apex Code Means for You
The obfuscated nature of custom Apex code that is used in internal Salesforce instances and apps (i.e. Lightning, Lightning Communities)…
Research Security
Andrew Silberman

Potential Data Exposure in ServiceNow: Challenges for Citizen Developers and Security Teams
In a rapidly evolving digital landscape, data security has become a paramount concern within the AppSec community. As organizations embrace…
Research
Yuval Adler

Microsoft Power Platform DLP Bypass Uncovered – Finding #5 – Parent and Child Flow Execution
Analysis of Microsoft Power Platform’s security features revealed limitations that could expose organizations to security risks, such…
Research
Andrew Silberman

Zenity Helps Microsoft Identify and Remediate Critical Security Risk in Power Automate Desktop
About seven months ago at Defcon, Zenity CTO Michael Bargury presented security research that discovered and outlined a way to take over…
Research
Yuval Adler

Microsoft Power Platform DLP Bypass Uncovered – Finding #4 – Unblockable connectors
Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity.  I’m inviting you to read my blog series where I share new…
Research
Uriel Zilberberg

The Cross-Tenant Power Platform Connectors Vulnerability – Are You Safe Now?
What Happened Last week, on March 31st, NetSPI researchers announced that they found a cross-tenant Azure vulnerability in the Microsoft…
Research
Andrew Silberman

NetSPI Finds a Power Platform Vulnerability. 4 Things to Do About It
Recent research from penetration testing company NetSPI found that Azure on-premises data gateways allow Power Platform and Power BI to…
Research
Yuval Adler

Microsoft Power Platform DLP Bypass Uncovered – Finding #3 – Custom Connectors
Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I will share new…
Research
Yuval Adler

Microsoft Power Platform DLP Bypass Uncovered- Finding #2 – HTTP calls
Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I will share new…
Research
Yuval Adler

Microsoft Power Platform DLP Bypass Uncovered- Finding #1
Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I share new…
Research
Michael Bargury

ZAPESCAPE: Organization-wide control over Code by Zapier
In the middle of March 2022, Zenity research team discovered a sandbox-escape vulnerability in Code by Zapier, a service used by Zapier to…
Research
Michael Bargury

ZAPESCAPE: Vulnerability Disclosure
Date: March 16th 2022 Severity: High Security impact: Privilege Escalation, Data Leakage, Data Manipulation Intro This document is the…
Research
Load More