Categories Cybersecurity

Salesforces glaring Dreamforce omission: Vital security lessons from Salesloft Drift

  • By Maria Korolov
  • Estimated read time 1 min read
  • October 22, 2025
Salesforce’s glaring Dreamforce omission: Vital security lessons from Salesloft Drift

With white-labeled services, APIs, and now LLMs, these two goals are much more complex. “If you haven’t conducted a supply chain breach exercise yet, now is the time,” Winterfeld says. “These recent events underscore the importance of validating your program.”

Ironically, many security firms were among the victims, including Zscaler, Cloudflare, Palo Alto Networks, Pager Duty, SpyCloud, Tenable, Proofpoint, Rubrik, BeyondTrust, Bugcrowd, JFrog, CyberArk, and Black Duck.

One company who didn’t fall victim

One company that wasn’t scathed by the breaches was cloud-based IAM vendor Okta. Why? It allowed connections only from authorized IP addresses.

Tags ,

Written By

Maria Korolov

More From Author

Managing agentic AI risk: Lessons from the OWASP Top 10

Managing agentic AI risk: Lessons from the OWASP Top 10

  • December 19, 2025
Unsure 16z9

Tools, um MCP-Server abzusichern

  • December 9, 2025
Why can't enterprises get a handle on the cloud misconfiguration problem?

Why cant enterprises get a handle on the cloud misconfiguration problem?

  • November 7, 2025

You May Also Like

Figure 1. NosyDoor execution chain 1

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

  • December 20, 2025
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

  • December 20, 2025
Iranian APT Prince of Persia returns with new malware and C2 infrastructure

Iranian APT Prince of Persia returns with new malware and C2 infrastructure

  • December 19, 2025