Zenity Labs

Techniques from Zenity's GenAI Attacks Matrix Incorporated into MITRE ATLAS to Track Emerging AI Threats

TL;DR: Zenity has partnered with MITRE ATLAS to integrate GenAI Attacks Matrix techniques into the MITRE ATLAS framework, ensuring organizations stay ahead of evolving AI threats. As part of this collaboration, we introduce into ATLAS a new case study and 8 new attack techniques and 4 subtechniques.

AI Agents: The New Frontier for Security Researchers

The Power of One SSRF Vulnerability: A Multi-Platform Threat

Inside Salesforce Einstein: A Technical Background

Scaling AppSec With an SDL for Citizen Development

A blog version for the talk presented at BlueHat 2024

Links and materials for Scaling AppSec With an SDL for Citizen Development

Links, demos, tools and slides for BlueHat 2024

Sure, Let AI Browse the Internet—What Could Possibly Go Wrong?

Internet browsing for AI agents leads to 0click compromise but these mitigations can help

TTPs.ai for GenAI-Targeted Attacks

Guiding threat simulation and defense for Copilots and Agents

Over Permissions in Salesforce Einstein and Unexpected Consequences

Outsmarting Copilot: Creating Hyperlinks in Copilot 365

The Long and Winding Road of DLP Patches in Power Platform

Reviewing Microsoft's Fix for the 'All You Need Is Guest' DLP Bypass

A Summary of Zenity Research Published at BlackHat 2024

New Attack Vectors Discovered for Initial Access and Post-Compromise