A recent breach that compromised over 700 organizations, including Cloudflare, Palo Alto Networks, and Zscaler, has highlighted a significant gap in security operations. The breach, which occurred through Salesloft and Drift chatbot OAuth tokens, has shown that attackers are now targeting customer experience (CX) platforms to gain access to sensitive data.
CX platforms process billions of unstructured interactions every year, including survey forms, review sites, social feeds, and call center transcripts. These interactions are fed into AI engines that trigger automated workflows, which can touch payroll, CRM, and payment systems. However, no tool in a security operations center (SOC) leader’s stack inspects what a CX platform’s AI engine is ingesting, which leaves that input path unmonitored. According to Proofpoint’s 2025 Voice of the CISO report, 98% of organizations have a data loss prevention (DLP) program, but only 6% have dedicated resources. Meanwhile, CrowdStrike’s 2025 Threat Hunting Report found that 81% of interactive intrusions now use legitimate access rather than malware.
Assaf Keren, chief security officer at Qualtrics and former CISO at PayPal, noted that most security teams still classify experience management platforms as ‘survey tools,’ which sit in the same risk tier as a project management app. This is a massive miscategorization, as these platforms now connect to HRIS, CRM, and compensation engines. Qualtrics alone processes 3.5 billion interactions annually, a figure that has doubled since 2023. The company’s XM Platform has been paired with CrowdStrike’s Falcon Shield to provide security teams with the same coverage over program activity, configurations, and data access that they already expect for Salesforce or ServiceNow.
The breach has also highlighted six blind spots between the security stack and the AI engine, including the inability of DLP to see unstructured sentiment data leaving through standard API calls, zombie API tokens from finished campaigns that are still live, and public input channels that have no bot mitigation before data reaches the AI engine. JPMorgan Chase CISO Patrick Opet flagged the risk of SaaS integration models creating single-factor explicit trust between systems through tokens that are inadequately secured and vulnerable to theft and reuse. Daniel Bernard, chief business officer at CrowdStrike, noted that adversaries are not breaking in, they’re logging in, and that lateral movement from a compromised CX platform runs through approved API calls.
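The zombie-token blind spot above can be checked with a simple inventory audit. The following is an added example, not code from the article or from any vendor it names; the token fields, campaign names, scopes and the seven-day grace period are all constructed assumptions standing in for whatever a CX platform's token export actually provides.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

@dataclass
class Token:
    token_id: str
    campaign: str
    scopes: tuple
    revoked: bool
    last_used: Optional[datetime]

# Constructed sample data: campaign end dates and the integration token inventory.
CAMPAIGN_END = {
    "q1-nps-survey": datetime(2025, 3, 31),
    "onboarding-chatbot": datetime(2025, 12, 31),
    "exit-interviews": datetime(2025, 1, 15),
}
TOKENS = [
    Token("tok-a", "q1-nps-survey", ("responses:read",), False, datetime(2025, 3, 30)),
    Token("tok-b", "q1-nps-survey", ("responses:read", "crm:write"), False, datetime(2025, 8, 2)),
    Token("tok-c", "onboarding-chatbot", ("responses:read",), False, datetime(2025, 8, 1)),
    Token("tok-d", "exit-interviews", ("hris:read",), True, datetime(2025, 1, 10)),
    Token("tok-e", "unknown-pilot", ("responses:read",), False, None),
]

def find_zombie_tokens(tokens, campaign_end, now, grace=timedelta(days=7)):
    """Return (token_id, reason) for live tokens that outlived their campaign."""
    findings = []
    for t in tokens:
        if t.revoked:
            continue  # already dead, nothing to do
        end = campaign_end.get(t.campaign)
        if end is None:
            findings.append((t.token_id, "orphaned: no owning campaign on record"))
        elif now > end + grace:
            if t.last_used and t.last_used > end:
                findings.append((t.token_id, "used after campaign end"))
            else:
                findings.append((t.token_id, "live after campaign end"))
    # Tokens used after the campaign ended go first: that use needs explaining.
    findings.sort(key=lambda f: f[1] != "used after campaign end")
    return findings

if __name__ == "__main__":
    for token_id, reason in find_zombie_tokens(TOKENS, CAMPAIGN_END, datetime(2025, 8, 15)):
        print(f"{token_id}: {reason} -> revoke and review")
```

Run on a schedule against the real token export, the same logic turns token cleanup from a quarterly review item into a continuous check.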
The impact of this breach is significant, and security teams are responding with what they have. However, none of the current approaches deliver what CX-layer security actually requires: continuous monitoring of who is accessing experience data, real-time visibility into misconfigurations before they become lateral movement paths, and automated protection that enforces policy without waiting for a quarterly review cycle. As Assaf Keren noted, when an AI engine triggers a compensation adjustment based on poisoned data, the damage is not a security incident, it is a wrong business decision executed at machine speed.
















