GeminiJack: The Google Gemini Zero-Click Vulnerability Leaked Gmail, Calendar and Docs Data
A GeminiJack Executive Summary: Noma Labs recently discovered a vulnerability, now known as GeminiJack, inside Google Gemini Enterprise and previously in Vertex AI Search. The vulnerability allowed attackers to access and exfiltrate corporate data using a method as simple as a shared Google Doc, a calendar invitation, or an email. No clicks were required from […]
The Definitive Guide to Secure Agentic Identity
View the high-resolution PDF here: Secure Agentic Identity 101
Atlas Shrugged: Trust Boundaries in the ChatGPT Agentic Browser
Back in the early days of the Domain Name System, engineers joked that DNS stood for “Does Not Secure.” DNS turns the internet from a maze of numbers into a map of names people can actually navigate, but early on, it was also ridiculously easy to abuse. Spoofing attacks and cache poisoning always loomed until […]
The Top-Five MCP Security Blindspots Putting Your Organization at Risk
The Model Context Protocol (MCP) is rapidly transforming enterprise AI capabilities, enabling agents to interact seamlessly with databases, APIs, and business systems. But this rapid adoption comes with a dangerous blind spot: organizations are unknowingly expanding their attack surface in ways that traditional security tools can’t detect. Unlike traditional software vulnerabilities that affect individual applications, […]
A CISO’s Guide to Agentic Browser Security
The recent release of the ChatGPT Atlas agentic browser from OpenAI marked a big moment in AI and browsing, but Atlas isn’t alone. A wave of browsers built with AI at their core is emerging, from Comet by Perplexity to Fellou and Dia Browser. Agentic browsers are centered on the same idea: your browser isn’t just a […]
The Noma Agentic Risk Map Delivers Complete AI Agent Visibility and Control
From Superpower to Shadow Risk: AI agents give your business many superpowers. Developers use Cursor to write code at machine speed. Knowledge workers delegate complex tasks to ChatGPT Agents. Business teams build custom automation through low-code platforms like Microsoft Copilot Studio and Salesforce Agentforce. Engineering teams deploy sophisticated agent systems in production across cloud infrastructure […]
How Does Prompt Engineering Impact AI Security?
As any speaker will tell you, one of the most nerve-wracking and rewarding parts of presenting is the open Q&A at the end. Rewarding, because most speakers are there for one reason: to share knowledge with others. When you deliver a talk, you do your best to provide information that the audience will find useful, […]
OpenAI AgentKit Just Democratized Agent Building, and Multiplied Your Attack Surface
No-code agent builders have existed in platforms like Copilot Studio and n8n, but OpenAI AgentKit changes the equation through massive distribution. This capability now lives inside the most widely adopted AI platform in the world, transforming agent building into a true commodity. OpenAI has just given agent-building capabilities to everyone who already has access to […]
ChatGPT Apps: Easy Adoption Meets An Expanded AI Attack Surface
ChatGPT Apps was announced at OpenAI DevDay this week, fundamentally lowering the barrier to connecting ChatGPT with external applications across an organization. Instead of requiring technical configuration, users can now integrate applications through simple prompts. Type, “Spotify, make a playlist for my party this Friday,” and it creates one. Mention you’re buying a home, and […]
Noma Security Named 2025 SINET16 Innovator for AI and Agent Security Platform
Recognition validates Noma Security's comprehensive approach to securing enterprise AI. New York City – Oct. 9, 2025 – Noma Security, the unified platform for AI and agent security, today announced it has been named a 2025 SINET16 Innovator. The prestigious award recognizes the most innovative and compelling cybersecurity technologies addressing today’s threats and vulnerabilities. SINET […]
Noma Security Named a Cool Vendor in the 2025 Gartner® Cool Vendors in AI Security
Noma Security delivers comprehensive platform for AI and agent security. NEW YORK CITY – October 8, 2025 – Noma Security, the pioneer in agentic AI security, today announced it has been named a Cool Vendor in the Gartner Cool Vendors in AI Security. The report states, “The rapid evolution of AI applications into AI agents […]
Runtime Guardrails for Microsoft Copilot Studio Agents
Microsoft Copilot Studio has become the enterprise standard for building AI agents, with organizations using it to transform customer service, accelerate operations, and reimagine how work gets done. But enterprise adoption at scale requires one critical element: security leaders must be able to confidently answer “yes” when the business asks to deploy agents into production. […]
Ten Steps to Secure AI with Noma Security and the Databricks AI Security Framework (DASF)
From Conceptual to Operational for Enterprise Cybersecurity: Ten Steps to Secure AI with DASF. Imagine this: a large financial services company unveils what is touted as a “game-changer” for customer service: Betty, an AI-powered virtual agent that can handle most inbound customer inquiries without human intervention. The AI was trained on a blend of publicly […]