Obsidian Security, a leader in SaaS security, has unveiled SaaS AI agent defense, the first purpose-built solution to manage how AI agents access data in SaaS platforms. This platform addresses the emerging cyber risks from unmanaged AI agents, which often hold excessive privileges and can enable rapid data exfiltration if compromised, particularly in targeted SaaS layers of the enterprise stack.
Recent incidents like the Salesforce UNC6040 attack via voice phishing and the Salesloft supply chain breach highlight vulnerabilities in SaaS integrations, where compromised chatbots led to widespread unauthorized access across applications like Google Workspace and Slack. The proliferation of low-code platforms enables any employee to deploy agents that autonomously query and move sensitive data, amplifying risks without oversight. Traditional tools fail to track machine-driven activity or enforce controls at AI's speed.
“The AI agent shift is well underway, and we’re seeing the risks firsthand as we help our customers scale adoption securely,” said Hasan Imam, CEO at Obsidian. “87% of enterprises have Microsoft Copilot enabled, more than half the agents access sensitive data, 90% are over-permissioned, and move 16 times more data than humans accessing SaaS applications. These risks are not theoretical, they’re active risks inside enterprises today, often without their awareness.”
“The difference between a major intrusion and successful containment comes down to speed,” said Sunil Seshadri, EVP and CSO at HealthEquity and ex-CISO at Wells Fargo, Visa and NYSE. “Most security teams already struggle to react to incidents fast enough and AI agents raise the stakes even higher. They can trigger workflows across multiple SaaS apps in seconds, often without anyone noticing until damage is done. Obsidian flips that dynamic by detecting issues in near real-time, faster than most security tools are able to, giving teams the chance to shut them down before they spiral out of control.”
Obsidian's solution leverages the industry's largest SaaS threat dataset, enriched with browser activity and AI integrations, to power the Obsidian Knowledge Graph. This continuously learning model correlates user and agent behavior, privileges, and workflows for real-time visibility.
Key features include:
“In customer deployments, our continuously learning Knowledge Graph revealed that AI agents in SaaS environments were typically granted ten times more permissions than needed when mapped against real user privileges and entitlements – visibility only Obsidian can deliver,” said Khanh Tran, Chief Product Officer at Obsidian. “By connecting popular AI platforms like Microsoft Copilot Studio, n8n, Salesforce Agentforce, and ChatGPT Enterprise with the Obsidian Knowledge Graph, security teams can finally see what agents are doing in SaaS. That intel means they can stop risks before they spread and empower users to innovate faster without sacrificing security or governance."
This release supports secure scaling of AI agent development, with current integrations expanding to more platforms.
Obsidian's SaaS AI agent defense positions organizations to innovate with AI confidently, closing blind spots in the rapidly evolving threat landscape and ensuring resilience across global operations.
Obsidian Security is the leading SaaS security platform, trusted by global enterprises like Snowflake, T-Mobile, and S&P Global. We protect over 250 global organizations, including many of the world’s largest Fortune 1000 and Global 2000 companies, with data center availability in North America, EMEA, and APAC—Saudi Arabia coming soon. Backed by top investors including Greylock, Norwest Venture Partners, and IVP, we’re closing a critical gap: securing the SaaS and AI tools that organizations rely on. Our platform reduces risk, detects and responds to threats, and prevents breaches at the source. Obsidian was built by leaders who redefined endpoint and identity security at CrowdStrike, Okta, Cylance, and Carbon Black.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.