Obsidian unveils real-time AI agent security for SaaS threats

Obsidian Security has launched AI agent security capabilities designed to govern how autonomous AI agents access data within SaaS environments.

Growing reliance on cloud-based SaaS applications has made them a significant target for cyber-attacks. Recent incidents, including the Salesforce (UNC6040) attack and the Salesloft Salesforce supply chain breach (UNC6395), have highlighted the risks stemming from SaaS integrations.

In the case of the Salesforce attack, threat actors exploited voice phishing to gain access and used bulk API queries to steal data at scale. The Salesloft incident demonstrated how a compromised chatbot integration enabled unauthorised access that expanded from Salesforce to connected platforms such as Google Workspace, Slack, Amazon S3 and Microsoft Azure, affecting hundreds of enterprises.

Obsidian Security's latest capabilities aim to address what it describes as a growing blind spot: the security challenges posed by autonomous, over-permissioned AI agents operating inside businesses' SaaS applications. These agents, which are increasingly deployed through low-code and no-code platforms such as Microsoft Copilot Studio, Salesforce Agentforce, n8n and ChatGPT Enterprise, often carry broad privileges and operate without direct human oversight, moving data at speeds and volumes far beyond typical human activity.

Enterprise risks

"The AI agent shift is well underway, and we're seeing the risks firsthand as we help our customers scale adoption securely. 87% of enterprises have Microsoft Copilot enabled, more than half the agents access sensitive data, 90% are over-permissioned, and move 16 times more data than humans accessing SaaS applications. These risks are not theoretical, they're active risks inside enterprises today, often without their awareness."

Hasan Imam, Chief Executive Officer at Obsidian, noted that the rapid adoption of AI agents within enterprises has already introduced measurable risks. The use of these agents to automate workflows and query sensitive business data-often with excessive privileges-means that, if compromised, an attacker could quickly gain access to and exfiltrate significant amounts of data.

The complexity of managing these autonomous agents is compounded by the fact that existing security tools, designed to monitor and control human activity, are frequently unable to provide adequate visibility into machine-driven actions, understand their privileges, or intervene at the speed necessary to contain threats.

Detection and containment

"The difference between a major intrusion and successful containment comes down to speed. Most security teams already struggle to react to incidents fast enough and AI agents raise the stakes even higher. They can trigger workflows across multiple SaaS apps in seconds, often without anyone noticing until damage is done. Obsidian flips that dynamic by detecting issues in near real-time, faster than most security tools are able to, giving teams the chance to shut them down before they spiral out of control."

Sunil Seshadri, Executive Vice President and Chief Security Officer at HealthEquity and a board member of Obsidian Security, emphasised the pace at which AI agents can escalate security incidents without rapid intervention, and stressed the importance of real-time detection and response capabilities.

Technical approach

Obsidian's approach centres on its threat intelligence platform, underpinned by a repository containing more than 500 curated real-world SaaS threat indicators and activity data from browser-based and application sources. This intelligence feeds what Obsidian calls the Knowledge Graph, a continuously learning model that brings together information about both human and machine identities, their privileges, and their actions across a company's SaaS estate.

This unified view allows security teams to track and contextualise AI agent activity, granting what Obsidian describes as real-time oversight needed to prevent unauthorised or risky agent behaviour before it results in broader harm.

"In customer deployments, our continuously learning Knowledge Graph revealed that AI agents in SaaS environments were typically granted ten times more permissions than needed when mapped against real user privileges and entitlements - visibility only Obsidian can deliver. By connecting popular AI platforms like Microsoft Copilot Studio, n8n, Salesforce Agentforce, and ChatGPT Enterprise with the Obsidian Knowledge Graph, security teams can finally see what agents are doing in SaaS. That intel means they can stop risks before they spread and empower users to innovate faster without sacrificing security or governance."

Khanh Tran, Chief Product Officer at Obsidian, highlighted how the platform can uncover over-permissioning in enterprise AI agents and provide the actionable visibility required for both improving security posture and supporting business innovation.

Feature set

The new functionalities include an inventory system that tracks every AI agent, their privileges, SaaS connections and actions, to support access review and lifecycle management. It also provides continuous observability with correlated audit trails, helping enterprises to map agent access to the specific data being handled. The platform automatically detects and prevents privilege escalation and access misuse by AI agents, aiming to prevent incidents before they can propagate across interconnected SaaS services.

Current integrations support Microsoft Copilot Studio, ChatGPT Enterprise, Salesforce Agentforce, and n8n, with additional platforms expected to be added in future updates.

Obsidian is offering a 30-day no-cost assessment of its SaaS AI agent defence capabilities to help enterprises evaluate their exposure and measure agentic risk in their SaaS environments.