Risky Business

Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup"

65 snips
Sep 3, 2025
Guest
Edward Wu
Edward Wu, the Founder and CEO of Dropzone.AI, joins the discussion as they explore the cybersecurity landscape. They dive into the implications of the Salesloft breach, addressing OAuth security challenges and its effects on client data. Wu shares insights on how AI-driven tools can significantly aid smaller organizations in enhancing their security measures. The conversation also touches on the ongoing struggles of cyber warfare and ransomware, emphasizing the importance of innovative solutions for those facing resource constraints.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
INSIGHT

OAuth Token Sprawl Creates Dangerous Paths

  • OAuth token sprawl creates complex, multi-tenant attack paths across cloud services.
  • Stolen bearer tokens at Salesloft let attackers pivot into many customers' cloud assets quickly.
ADVICE

Constrain Tokens And Require Scoped OAuth

  • Constrain and cryptographically bind tokens where possible to reduce misuse after theft.
  • Require vendors to implement scoping controls and key-bound OAuth extensions during procurement.
INSIGHT

Suppliers' Breaches Are Customers' Responsibilities

  • Customers own the risk of chosen suppliers and must accept responsibility for downstream breaches.
  • Cloudflare took ownership and rotated exposed tokens to remediate impact after SalesLoft disclosures.
Get the Snipd Podcast app to discover more snips from this episode
Get the app