Zenity for AgentForce
Introduction
Zenity for AgentForce provides full lifecycle security, governance, and runtime visibility for Salesforce AgentForce agents.
As organizations rapidly adopt AgentForce to automate workflows and interact with sensitive CRM data, security teams face a new challenge: agents operate across identities, systems, and channels with limited visibility and control.
Zenity enables organizations to securely scale AgentForce by delivering:
- Deep visibility into agent behavior
- Proactive risk detection at build-time and runtime
- Continuous monitoring of agent actions and identities
- Policy enforcement aligned with organizational standards
Why Zenity for AgentForce?
AgentForce introduces a new class of risks that traditional security controls were not designed to handle.
These include:
- Unauthorized data access and exfiltration
- Cross-system tool invocations
- Agent identity abuse across users and channels
- Prompt injection and manipulation attacks
This creates blind spots in runtime behavior, increasing operational risk and slowing down secure adoption. :contentReference[oaicite:2]{index=2}
Zenity closes this gap by providing end-to-end observability and security for AgentForce agents.
Agentic Observability
Zenity provides complete visibility across the agent lifecycle, from configuration to runtime execution.
Customers can:
- Understand full agent structure and configuration
- Trace complete agent sessions
- View identity and privilege context
- Monitor tool invocations and actions
Visual Context (Agent Graph)
Zenity maps relationships between:
- Agents
- Actions (Flows, APIs, Apex, tools)
- Data sources
- Users (employees, guests, external users)
This helps answer critical questions:
- Which agents access sensitive data?
- Who can interact with them?
- What actions can they trigger?
Shift-Left Security via exposure path detection
Agent risk starts before runtime. Zenity analyzes agent configurations, structure and topology to detect risky patterns early, including:
- Toxic combinations (e.g., anonymous access + destructive actions)
- Secrets embedded in agent configurations
- Misconfigured trusted URLs
- Over-permissioned identities
This enables teams to secure agents before deployment.
Threat Detection & Response
Zenity continuously monitors runtime activity and detects malicious or anomalous behavior.
Detection Capabilities
Privilege Escalation Detection
- Anonymous users accessing sensitive data via service agents
- System-context actions executed beyond intended permissions
General Malicious Activity
- Reconnaissance
- Data exfiltration
- Jailbreak attempts
External Risk Indicators
- Untrusted URLs generated by agents
- Malicious links returned in responses
Issues
Zenity correlates multiple posture and/or runtime findings into Issues, which are clear, pre-analyzed security risk narratives, helping teams quickly understand:
- What happened and how the attack unfolded
- The involved agent and affected resources
- Impacted data or actions
- Timeline and root cause
Issues remove the need to dig into each and every finding separately, but focus on the main most impactful risks.
Agentic Governance
Alongside threat detection Zenity allows organizations to enforce security policies across the agentic landscape, including controls like:
- Secret detection in agent activity
- PII and financial data monitoring
- Data sharing to untrusted domains
- Access to sensitive data locations
- Restriction of disallowed endpoints
This ensures agents operate within organizational and compliance boundaries.
Summary
Zenity for AgentForce gives organizations the confidence to scale agent adoption by combining deep visibility, real-time threat detection, and proactive security controls. By securing agents from build-time through runtime and enforcing governance consistently, teams can innovate faster without compromising on security.
To get started, integrate your SalesForce organization to Zenity via Connected App or External Client App.