Valence Security’s cover photo
Valence Security

Valence Security

Computer and Network Security

New York, NY 7,997 followers

Secure SaaS and AI in the Agentic Era

About us

Valence protects organizations from threats created by SaaS and AI sprawl. By unifying SaaS discovery, SSPM, AI security, and ITDR, Valence delivers the comprehensive coverage needed to find and fix SaaS and AI risks. The platform uncovers shadow AI and AI agents, flags misconfigurations before they become incidents, and detects unusual activity across human and service identities. Valence goes beyond visibility with one-click remediation, automated workflows, and guided collaboration to help security teams operationalize their SaaS and AI security programs. Trusted by leading organizations, Valence enables secure SaaS and AI adoption.

Website
https://www.valencesecurity.com/
Industry
Computer and Network Security
Company size
51-200 employees
Headquarters
New York, NY
Type
Privately Held
Founded
2021
Specialties
SaaS Security, AI Security, SSPM, AI-SPM, AI Governance, AI Agent Security, SaaS Discovery, Risk Remediation, ITDR, Identity Security, Shadow SaaS, Shadow AI, SaaS Data Protection, OAuth, SaaS Integrations, Non-Human Identities, Microsoft Security, Google Security, ChatGPT Security, Salesforce Security, Zoom Security, Slack Security, Copilot Security, GitHub Security, Workday Security, Gemini Security, OpenAI Security, Claude Security, Snowflake Security, AI Data Leakage, LLM Security, and AI Compliance

Locations

Employees at Valence Security

Updates

  • Another trusted integration just became an entry point into Salesforce. This time it was Klue, an AI-powered competitive intelligence tool. Attackers used a compromised legacy credential to harvest the OAuth tokens Klue's customers use to connect it to their systems, then used those tokens to pull CRM data directly. In the days that followed, a growing list of organizations confirmed that data was stolen from their environments. This was not a Salesforce vulnerability. It was a trusted integration, abused. The pattern is now familiar: Salesloft Drift, Gainsight, and now Klue. As AI tools get connected into core systems faster than security teams can see them, every one of those integrations inherits access and becomes part of your attack surface. The takeaway is simple. The ecosystem is the attack surface, and the OAuth tokens, AI tools, and SaaS-to-SaaS integrations connected to your critical apps deserve the same scrutiny as the apps themselves. We broke down what happened, why it keeps happening, and what security teams should do now. Read the full analysis: https://lnkd.in/ga3_ixYq #SaaSSecurity #OAuth #AISecurity #Salesforce #SupplyChainSecurity #CISO

    • No alternative text description for this image
  • View organization page for Valence Security

    7,997 followers

    AI agents have already entered the enterprise 🕵️♂️ They’re accessing systems, triggering workflows, and acting on behalf of employees, often without any ownership, guardrails, or accountability. That’s exactly why Yoni Shohet is leading a discussion at the Foundry CSO Conference and Awards next week about what happens when "You Didn’t Hire That AI Agent" 🤖 The session will dig into what security leaders need to rethink as agents become part of the enterprise workforce. If you’ll be there, come join the conversation. #AIsecurity #AgenticAI #SaaSSecurity #Cybersecurity #CISO #CSO Yoni Shohet | Robert Grant | Nick Anderson

    • No alternative text description for this image
  • Huge thank you to GuidePoint Security for having us out at GPSEC St. Louis!! 🙌 Such a great day connecting with customers, partners, and the broader security community at beautiful Energizer Park ⚾ We loved the opportunity to share how teams can bring stronger visibility, governance, and control to SaaS and AI environments that are moving faster than ever. Major thank you to Amanda Renshaw, Juno Bender, and the entire GuidePoint marketing team for creating such a fantastic experience for everyone involved. The venue was incredible, the conversations were strong, and the energy throughout the event was exactly what makes this community so special. Jake Alosco | Robert Grant | Jonathan Villa | Matt Peterson | Andy Lux | Felix Simmons | Amanda Renshaw | Juno Bender

    • No alternative text description for this image
    • No alternative text description for this image
    • No alternative text description for this image
    • No alternative text description for this image
    • No alternative text description for this image
  • Valence has been recognized in the SSPM category in Gartner's 2026 Hype Cycle for Cyber-Risk Management! SaaS runs the business. Securing it is no longer optional, and the threats keep evolving fast: misconfigurations, identity attacks, sprawling SaaS-to-SaaS connections, and AI agents accessing sensitive data through MCP. Thank you to our customers and partners who push us forward every day! #SaaSSecurity #AISecurity #SSPM #AISPM #Cybersecurity

    • No alternative text description for this image
  • n8n went from low-code automation tool to full AI agent orchestration layer pretty fast. Security hasn't kept up. The real risk isn't the platform itself. It's what happens when workflows become overprivileged over time, AI agents process untrusted inputs, and teams spin up automation environments that nobody's reviewing. An agent with access to your CRM, ticketing system, and cloud storage can do a lot of damage if a prompt injection hits it. And if nobody audited the OAuth scopes those workflows are running on, the blast radius is bigger than you may think. We put together a full breakdown of the risks and how to lock them down. 🔗 in comments #n8n #AIAgents #SaaSSecurity #AISecurity

    • No alternative text description for this image
  • AI agents are about to get a meaningful upgrade inside the browser, and most security teams aren't watching. WebMCP is a new browser API (live in Chrome behind a feature flag) that lets websites hand structured tools directly to AI agents. Instead of scraping pages and clicking buttons, the agent just calls the function. Here's the catch... Browser agents today are slow and unreliable, and that friction has been doing quiet security work by limiting what they can actually pull off inside a user's session. WebMCP removes that friction. The agent still runs inside the user's authenticated session. Same permissions, same identity, no separate credential for security to track. When an agent takes action, the audit log just shows the human did it. Access reviews aren't going to catch this. The link in Comments is worth a read if you own SaaS or AI agent risk. #AIAgents #SaaSSecurity #AISecurity

    • No alternative text description for this image
  • Shadow AI just cost Vercel a breach. One employee signed up for Context AI using their corporate Google account and clicked "Allow All" on the OAuth prompt. No security review. No procurement. No IT ticket. Weeks later, Context was compromised. The attacker pivoted through that OAuth token, took over the Vercel employee's Google Workspace account, and gained unauthorized access to Vercel's environment. ShinyHunters is reportedly selling the data for $2M. The uncomfortable truth: your attack surface isn't just the SaaS you approve. It's every AI app an employee connects to your Workspace tenant with broad scopes, and every vendor in that chain. Security teams need to continuously review OAuth grants and other SaaS-to-SaaS integrations to contain the blast radius of shadow AI adoption.

  • When Marc Benioff says "our API is the UI," most people hear a developer story. CISOs should hear something different. If the browser is optional, then every misconfigured sharing rule, every over-scoped OAuth grant, every connected app you forgot about is now reachable by an agent that never hesitates and never sleeps. SaaS and AI posture was already important. In the agentic era, it matters significantly more. Our latest blog post shares what this shift means for security leaders, and the five questions every CISO should be asking right now. 👉 Link in comments #SaaSSecurity #AISecurity #CISO #AIAgents

    • No alternative text description for this image

Similar pages

Browse jobs

Funding