Zenity unveils agent-less security solution for Microsoft 365 Copilot
Zenity announced an agent-less security solution for Microsoft 365 Copilot with the Zenity AI Trust Layer. With this product launch, Zenity is continuing to empower its customers to confidently and securely unleash business enablement.
Microsoft 365 Copilot is embedded across the Microsoft suite, including SharePoint and M365. This presents massive opportunities for businesses to enable all their employees and third parties to be more efficient and effective through the use of Generative AI.
However, Microsoft 365 Copilot also presents unique opportunities for bad actors and unknowing insiders to leak and exfiltrate data, as 365 Copilot contains access to loads of sensitive and confidential corporate data, is used by business users of all technical backgrounds and, critically, contains inherent curiosity.
Business users of all technical backgrounds can also create extensions, plugins and agents linked to third-party apps and data sources through Microsoft Copilot Studio – something Zenity has supported since November of 2023.
Having recently received a strategic round of funding from Microsoft’s venture arm, M12, to nurture and drive a joint go-to-market strategy, Zenity is continuing to provide robust support for customers that are leveraging software throughout the Microsoft ecosystem, including this end-to-end solution for Microsoft 365 Copilot.
Following the research at Black Hat 2024, where Zenity security researchers detailed how bad actors can jailbreak Microsoft 365 Copilot to perform “remote copilot execution” via promptware attacks, Zenity is adding to its application security platform. This currently consists of AISPM, which launched in May of this year, to also include AI visibility, threat detection and prevention, promptware prevention and remediation capabilities.
“Microsoft 365 Copilot presents a landmark opportunity for any organization driving business enablement. However, security teams now understand that application security is at the core of AI security, with unique threats and a new attack surface that has to be addressed swiftly. Zenity is approaching these unique problems stemming from Microsoft 365 Copilot and AI agents with an attacker’s mindset.” said Ben Kliger, CEO, Zenity.
“We are excited to offer the first holistic and agent-less AI Trust Layer for enterprise copilots like Microsoft 365 Copilot and for AI agents. Zenity is uniquely positioned to help organizations capitalize on the promise of the AI revolution in the enterprise. I am immensely proud of our team for the groundbreaking research and technology developed to launch this end-to-end solution that secures customers’ current, most critical and pressing need: enterprise copilots and AI agents,” added Kliger.
The Zenity AI Trust Layer for Microsoft 365 Copilot complements the existing visibility, risk assessment and governance features, and includes:
- Visibility – Maintain a continuous inventory for AI copilots and agents, including how they are used across the organization and what risks exist in real-time.
- Threat detection & prevention – Detect and prevent suspicious and malicious activities that are leveraging 365 Copilot as an attack surface, such as data leakage, in runtime.
- Promptware prevention – Prevent promptware from getting into your organization and read by 365 Copilot.
- AI SPM – Zenity incorporated AISPM capabilities in May of 2024 to identify misconfigurations and application security vulnerabilities in platform extensions and custom LCNC copilots and agents that are built in Copilot Studio.
- Remediation – Automatically respond to detected threats and mitigate vulnerabilities with granular policy authorization and custom playbooks to assure continuous secure use of 365 Copilot.