
Stay ahead of the latest cybersecurity trends with Cyberside Chats! Listen to our weekly podcast every Tuesday at 6:30 a.m. ET, and join us live once a month for breaking news, emerging threats, and actionable solutions. Whether you’re a cybersecurity professional or an executive looking to understand how to protect your organization, cybersecurity experts Sherri Davidoff and Matt Durrin will help you stay informed and proactively prepare for today’s top cybersecurity threats, AI-driven attack and defense strategies, and more!
Join us monthly for an interactive Cyberside Chats: Live!
YouTube channel: https://www.youtube.com/LMGsecurity
Register Here: https://lmgsecurity.zoom.us/webinar/register/WN_4FpdxB0VQo6aURK1p7_k_g
Episodes

Your organization is already running an AI workforce and almost nobody knows who they report to, what they can touch, or how to shut them down. In this episode, Sherri Davidoff and Matt Durrin break down the shadow AI agent problem: what makes an agent a "shadow" agent, how real breaches are already happening because of them, and what security leaders can do about it this week.
Sherri and Matt use three case studies: Anthropic's Claude Dispatch as a canonical product example; the April 2026 Vercel breach (the cleanest illustration yet of the OAuth supply chain attack model); and Meta's internal Sev-1 incident (when the agent itself is the failure mode). They walk through the four layers where shadow agents accumulate risk and close with five concrete, actionable takeaways for security teams of any size.
Key takeaways
1. Start with discovery, not policy. You can't govern what you can't see. The right question to ask your team isn't "are you using unauthorized AI tools?" — it's "what AI tools are you using to do your job?" Check OAuth grants in Google Workspace and Microsoft Entra, and look at expense reports. The real number of agents in your environment is typically two to five times what you initially find.
2. Audit and restrict OAuth scopes — especially "Allow All". The Vercel breach was enabled by a single broad OAuth grant an employee made during onboarding for a third-party AI productivity tool. Most enterprise Google Workspace and Microsoft 365 tenants allow users to grant full OAuth scopes to external apps with no admin review. Requiring admin approval for OAuth grants — and auditing existing ones — is a control that can be implemented today and would have prevented the Vercel incident. An OAuth token is as good as — if not better than — a username, password, and MFA combined. It gets you straight through the back door.
3. Treat AI tool agreements like vendor contracts — because they are. When an employee clicks Allow All on an AI tool's onboarding screen, they have created a vendor relationship on behalf of the organization — without a DPA, a BAA, a security review, or procurement involvement. Build a lightweight intake process specifically for AI tools, and make it faster than the OAuth click. If the approved path takes two weeks, employees will route around it. Aim for two days.
4. Get visibility at the identity layer. Machine identities already outnumber human identities by roughly 50:1 in enterprise environments. AI agents add more — fast. Look at purpose-built NHI management tools: Token Security, Astrix, Andromeda, and Entro. Microsoft Agent 365, launched May 2026, gives Microsoft ecosystem organizations a registry and map of agents in their environment — a quick starting point for visibility.
5. Build a fast lane for AI tool approvals. "Don't use shadow AI" is the wrong message. Employees will use these tools regardless — the goal is to make the sanctioned path faster than the shadow path. A lightweight checklist covering data sensitivity, OAuth scopes requested, and basic vendor security posture beats a heavyweight approval committee. Make the process visible, frame it as enablement rather than restriction, and you will get compliance.
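One way to run the OAuth grant audit from takeaways 1 and 2 over exported data, as an added example that is not from the episode or from LMG Security. The record shapes follow Microsoft Graph `oauth2PermissionGrant` objects and Google Admin SDK Directory token resources; the broad-scope list, the severity rule, the `approved_clients` allowlist and every sample value are assumptions made for illustration.

```python
"""Triage exported OAuth grants for broad scopes held by unapproved apps."""

# Assumption: scopes treated as broad for triage; tune this for your tenant.
BROAD_SCOPES = {
    "Mail.ReadWrite", "Files.ReadWrite.All", "Sites.ReadWrite.All",
    "Directory.ReadWrite.All", "https://mail.google.com/",
    "https://www.googleapis.com/auth/drive",
}

def normalize(rec):
    """Return (client_id, user, scopes, consent) for either export shape."""
    if "consentType" in rec:  # Entra: scope is one space-separated string
        user = rec.get("principalId") or "ALL USERS"
        scopes = set((rec.get("scope") or "").split())
        return rec["clientId"], user, scopes, rec["consentType"]
    # Google: scopes is a list, and every token is a per-user grant
    return rec["clientId"], rec["userKey"], set(rec.get("scopes", [])), "Principal"

def audit(records, approved_clients=frozenset()):
    """Flag grants that hold broad scopes for apps not on the approved list."""
    findings = []
    for rec in records:
        client, user, scopes, consent = normalize(rec)
        broad = sorted(scopes & BROAD_SCOPES)
        if not broad or client in approved_clients:
            continue
        # Assumption: per-user grants are the ones most likely made with no
        # admin review, so they are triaged first.
        severity = "high" if consent == "Principal" else "review"
        findings.append({"client": client, "user": user,
                         "broad_scopes": broad, "severity": severity})
    return sorted(findings, key=lambda f: (f["severity"], f["client"]))

# Constructed sample export; ids are placeholders, not real tenant values.
SAMPLE = [
    {"clientId": "sp-ai-assistant", "consentType": "Principal",
     "principalId": "user-0001", "scope": "User.Read Mail.ReadWrite Files.ReadWrite.All"},
    {"clientId": "sp-unknown-sync", "consentType": "AllPrincipals",
     "principalId": None, "scope": "Sites.ReadWrite.All"},
    {"clientId": "sp-approved-crm", "consentType": "AllPrincipals",
     "principalId": None, "scope": "Mail.ReadWrite"},
    {"clientId": "example-ai-notes.apps.googleusercontent.com", "userKey": "1000001",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/drive"]},
    {"clientId": "example-calendar.apps.googleusercontent.com", "userKey": "1000002",
     "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, approved_clients={"sp-approved-crm"}):
        print(finding)
```

Feed it the JSON you export from your own tenant in place of `SAMPLE`, and keep `approved_clients` in step with whatever your intake process has signed off.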
The three flavors of shadow agent
1. The unsanctioned agent. An employee built it in Copilot Studio or ChatGPT. IT doesn't know it exists.
2. The sanctioned-but-invisible agent. The platform is approved, but nobody is tracking what each agent can access, who owns it, or what it's doing.
3. The granted-access agent. An employee authorized an outside AI tool via OAuth. An external agent is now operating inside your environment with your credentials.
References
1. Vercel breach https://vercel.com/kb/bulletin/vercel-april-2026-security-incident
2. Kiteworks 2026 Data Security and Compliance Risk Forecast https://www.kiteworks.com/cybersecurity-risk-management/meta-rogue-ai-agent-data-exposure-governance/
3. Cloud Security Alliance + Token Security survey (April 21, 2026) https://cloudsecurityalliance.org/press-releases/2026/04/21/new-cloud-security-alliance-survey-reveals-82-of-enterprises-have-unknown-ai-agents-in-their-environments
4. OpenAI — ChatGPT Workspace Agents https://openai.com/index/introducing-workspace-agents-in-chatgpt/
5. Salesforce FY26 Q4 earnings release (Feb 25, 2026) https://www.salesforce.com/news/press-releases/2026/02/25/fy26-q4-earnings/
6. Microsoft Copilot Studio — agent overview https://adoption.microsoft.com/en-us/ai-agents/copilot-studio/
7. Microsoft Agent 365 (launched May 2026) https://www.microsoft.com/en-us/microsoft-copilot/blog/copilot-studio/unveiling-copilot-agents-built-with-microsoft-copilot-studio-to-supercharge-your-business/
