{"id":15973,"date":"2026-03-18T12:13:53","date_gmt":"2026-03-18T12:13:53","guid":{"rendered":"https:\/\/newestek.com\/?p=15973"},"modified":"2026-03-18T12:13:53","modified_gmt":"2026-03-18T12:13:53","slug":"reco-targets-ai-agent-blind-spots-with-new-security-capability","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=15973","title":{"rendered":"Reco targets AI agent blind spots with new security capability"},"content":{"rendered":"<div>\n<div id=\"remove_no_follow\">\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<section class=\"wp-block-bigbite-multi-title\">\n<div class=\"container\"><\/div>\n<\/section>\n<p>SaaS security platform Reco has decided to address the \u201cagent sprawl\u201d challenge from the increased adoption of AI-driven tools by enterprises. It argues that enterprises are faced with a security situation as numerous autonomous agents now traverse multiple systems, accessing sensitive data, and executing actions without direct human oversight.<\/p>\n<p>To help contain this risk, the company has made a new capability, \u201cReco AI Agent Security,\u201d available to its customers starting March 18. The tool is aimed at giving enterprise security teams complete visibility and control over \u201call AI agents\u201d operating across their <a href=\"https:\/\/www.csoonline.com\/article\/3973958\/chase-ciso-condemns-the-security-of-the-industrys-saas-offerings.html\">SaaS<\/a> ecosystem. These include Copilot, ChatGPT, and Salesforce Agentforce integrations and automation tools like n8n and Zapier.<\/p>\n<p>\u201cSecurity teams have spent years getting visibility into their SaaS applications, but AI agents operate differently,\u201d said <a href=\"https:\/\/www.linkedin.com\/in\/oferklein\" target=\"_blank\" rel=\"noreferrer noopener\">Ofer Klein<\/a>, CEO and Co-Founder of Reco. 
\u201cThey act autonomously, make decisions without human intervention, and often have permissions across multiple systems. Traditional SaaS security posture management (SSPM) tools weren\u2019t built to see or control this. We\u2019re solving a new category of risk.\u201d<\/p>\n<p>The offering is designed to solve the dual challenge of \u201cAI sprawl\u201d and \u201cAgent sprawl,\u201d folding AI agent discovery, risk analysis, and governance into Reco\u2019s existing SaaS security platform.<\/p>\n<h2 class=\"wp-block-heading\" id=\"discovery-beyond-oauth\">Discovery beyond OAuth<\/h2>\n<p>The core of the launch focuses on a shift in how AI agents are identified. Reco told CSO that its approach moves past traditional OAuth-based discovery and into a multi-layered detection model that looks at how systems behave, not just how they\u2019re connected.<\/p>\n<p>\u201cWe track third-party OAuth connections and analyze API call patterns that indicate autonomous behavior, like agents making decisions and executing actions without direct user intervention,\u201d he added. \u201cMany AI agents operate under service accounts or shared credentials. We correlate service account activity across applications to identify agent behavior patterns.\u201d<\/p>\n<p>Klein explained that automation tools themselves leave distinct fingerprints. Platforms like <a href=\"https:\/\/www.csoonline.com\/article\/4141867\/oauth-vulnerability-in-n8n-automation-platform-could-lead-to-system-compromise.html\">n8n<\/a>, Make, and Zapier exhibit recognizable workflow signatures, which Reco uses to detect and map how these automations interact across systems. \u201cAn AI agent accessing 500 Salesforce records per minute looks different from a human user,\u201d he said. 
Additionally, for native agents like Microsoft Copilot or Salesforce Agentforce, Reco claims to monitor feature enablement, data access patterns, and cross-application activity that traditional SSPM <a href=\"https:\/\/www.csoonline.com\/article\/571159\/why-you-need-a-saas-governance-plan-and-what-should-be-in-it.html\">tools<\/a> categorize as \u201cnormal user behavior.\u201d<\/p>\n<p>The offering is positioned around real-world patterns observed by Reco, which include shadow automation with excessive permissions, misconfigured enterprise agents, and even credential exposure in AI workflows. In observed incidents, this ranged from agents with full read\/write access to customer PII in Salesforce, financial data in NetSuite, and source code in GitHub to an unnamed agent exfiltrating customer data to a personal Airtable account for 8 months before discovery.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Aiming where traditional SSPM falls short<\/h2>\n<p>Reco positions the launch as a break from traditional SSPM, arguing that those tools were never designed for autonomous systems.<\/p>\n<p>\u201cSSPM sees connections. We see behavior,\u201d Klein said. While a typical SSPM might flag a Zapier-Salesforce link as a third-party integration, \u201cWe identify that this specific Zapier workflow is an AI agent that runs every 15 minutes, accesses customer payment data, enriches it with external APIs, and writes results to a shared spreadsheet, all without human intervention,\u201d he explained, emphasizing the difference in risk profiles.<\/p>\n<p>Cross-system visibility is another gap cited by Reco. 
SSPM tools analyze each application in isolation, whereas Reco recognizes that agents span multiple systems and treats them as one autonomous system with compound risk.<\/p>\n<p>These distinctions align with how SSPM tools are generally <a href=\"https:\/\/www.wiz.io\/academy\/application-security\/saas-security-posture-management-sspm\" target=\"_blank\" rel=\"noreferrer noopener\">designed<\/a> today. Industry <a href=\"https:\/\/www.huntress.com\/cybersecurity-101\/topic\/saas-security-posture-management\" target=\"_blank\" rel=\"noreferrer noopener\">definitions<\/a> describe SSPM as focusing on continuously monitoring SaaS applications for misconfigurations, managing permissions, and identifying risky integrations or compliance gaps.<\/p>\n<p>In practice, that means SSPM is effective at answering what is connected and who has access by inventorying applications, tracking OAuth integrations, and flagging overly permissive settings. Reco draws the line at behavioral context, arguing that SSPM tools are less equipped to analyze how an integration behaves once it is approved, and that this is where most of the agent-induced risk lies.<\/p>\n<p>Reco AI Agent Security is available immediately as part of the company\u2019s existing SaaS security platform, with support for previously noted SaaS, automation, and AI tools at launch and additional integrations expected to roll out on a continuous delivery basis.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>SaaS security platform Reco has decided to address the \u201cagent sprawl\u201d challenge from the increased adoption of AI-driven tools by enterprises. It argues that enterprises are faced with a security situation as numerous autonomous agents now traverse multiple systems, accessing sensitive data, and executing actions without direct human oversight. 
To help contain this risk, the company has made a new capability, \u201cReco AI Agent Security,\u201d&#8230; <\/p>\n<p class=\"more\"><a class=\"more-link\" href=\"https:\/\/newestek.com\/?p=15973\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-15973","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15973","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15973"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15973\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15973"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15973"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15973"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}