Salesforce Under Attack: Stop ShinyHunters Before They Get In
Ondemand Webinar
ShinyHunters is actively targeting Salesforce Experience Cloud — and has claimed 300–400 compromised orgs. Reco detected activity across 17+ customer tenants this week alone. Reco's Senior Security Researcher, Nitay Bachrach breaks down the live campaign: how the attack works, what we found, and exactly what to fix.
What's Covered:
How AuraInspector works — how guest user misconfigs are exploited to access records without authentication, and how stolen data fuels vishing attacks
Live incident forensics — real IOCs, timeline, and detection details from this week
Why common remediation fails — a live demo showing popular fixes don't hold up
Prioritized remediation checklist — every Salesforce setting to check, in order, with Reco policies mapped to each
What Reco detection looks like — the exact alerts that fired during the incident
ShinyHunters is actively targeting Salesforce Experience Cloud — and has claimed 300–400 compromised orgs. Reco detected activity across 17+ customer tenants this week alone. Reco's Senior Security Researcher, Nitay Bachrach breaks down the live campaign: how the attack works, what we found, and exactly what to fix.
What's Covered:
How AuraInspector works — how guest user misconfigs are exploited to access records without authentication, and how stolen data fuels vishing attacks
Live incident forensics — real IOCs, timeline, and detection details from this week
Why common remediation fails — a live demo showing popular fixes don't hold up
Prioritized remediation checklist — every Salesforce setting to check, in order, with Reco policies mapped to each
What Reco detection looks like — the exact alerts that fired during the incident
Our team caught an active ShinyHunters campaign this week. We opened the war room to walk you through every step you need to take right now.
Securing AI inside Microsoft 365, Google Workspace, Salesforce, Zoom, Jira and more.
%201.svg)
%201.svg)
%201.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
%201.svg){kind=logo}
Govern the AI Inside the Apps You Already Use
Reco gives you visibility and control over embedded AI features in your existing SaaS platforms. From Microsoft Copilot to Salesforce GPT, and new tools like Cursor, Lovable, Agentforce, and n8n, we show you where AI is enabled, what data it can access, and who's using it.
Your SaaS Just Got Smarter. We Make Sure It's Safe
Detect SaaS AI Apps
Know which copilots, assistants, and AI add-ons are active across tools like Slack, M365, Google Workspace, Notion, Cursor, Lovable, n8n, Agentforce, and more.
.svg)
Policy-Based Access & Risk Scoring
Auto-classify AI tools based on vendor risk, permissions, and usage context. Stop high-risk AI before it sees anything sensitive.
.svg)
Map Data Exposure to AI Models
We show you which documents, conversations, and records are flowing through embedded AI engines.
.svg)
Continuous Governance
AI in SaaS is always changing. Reco adapts in real time—no manual audits, no falling behind.
How Reco Brings SaaS AI Governance to Life
1. Discover
We scan across your SaaS environment to uncover embedded AI tools and features instantly.
.svg)
2. Analyze
Understand what these AI systems can access—and what they're doing with your data.
.svg)
3. Control
Enforce governance with automated controls.
4. Audit
Get audit trails and usage history. Prove governance. Show control.