While security is the main responsibility of the CISO, we’re seeing CIOs become increasingly tuned in to security because of the rise of agentic AI throughout an organization’s technology portfolio. Seventy-five percent of organizations anticipate an increase in their security budgets to help fend off more frequent and sophisticated cyber threats. Until CIOs are confident that an AI agent has been developed securely and tested thoroughly, it won’t make it out of the sandbox into operation. The fastest path to success is a secure-by-design AI agent, with security embedded from day zero, in the early planning phase, and throughout the DevSecOps lifecycle.
Robust data privacy and security, including data masking and anonymization, requires automation in DevSecOps to improve efficiency and cost-effectiveness, ultimately leading to faster revenue growth and higher operating margins.
Here are five DevSecOps tips to ensure a smooth and successful adoption of Agentforce:
1. Avoid storing sensitive data in Sandboxes
The exposure of sensitive information, such as Personally Identifiable Information (PII) and Protected Health Information (PHI), can be amplified in development and testing environments due to agentic AI’s rapid data processing capabilities. These sandbox environments typically have a lower level of security and more third-party developers or consultants with access. Therefore, it’s increasingly important to avoid storing sensitive data in development and test environments. A great first step is to implement Zero Trust security principles, which assume that all developers and machines are compromised and therefore advocate for data masking and seeding techniques. Additionally, always follow the principle of least privilege (PLP).
Identify and label sensitive data that must be protected from day zero. Data classification is the foundation for protecting information properly, enabling you to know which fields require added layers of protection with masking, anonymization, encryption, permissions, field history tracking, and monitoring. Rather than using spreadsheets to track what to protect, encode this in tools that automate data masking and anonymization, avoiding human error in the process. This is particularly important with agentic AI, which requires regularly refreshed seeding to keep test data realistic enough to simulate real-world environments.
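As an added illustration (not Salesforce or Agentforce code), the sketch below encodes a field classification in code and uses it to mask rows before they are seeded into a sandbox. The field names, labels, sample rows and masking key are all constructed assumptions.

```python
import hashlib
import hmac

# Constructed classification map; field names and labels are assumptions.
CLASSIFICATION = {"Id": "public", "Industry": "public", "Name": "pii",
                  "Email": "pii", "Phone": "pii", "Diagnosis__c": "phi"}

# Constructed production-like rows (not real data).
SAMPLE_RECORDS = [
    {"Id": "001A", "Name": "Ada Example", "Email": "Ada@Example.com",
     "Phone": "+1 415 555 0100", "Diagnosis__c": "constructed",
     "Industry": "Healthcare", "Notes__c": "called about invoice"},
    {"Id": "001B", "Name": "Ada E.", "Email": "ada@example.com",
     "Phone": None, "Diagnosis__c": None, "Industry": "Retail"},
]

def _token(key: bytes, field: str, value: str, length: int = 10) -> str:
    """Keyed, deterministic pseudonym so equal inputs still join after masking."""
    msg = f"{field}:{value}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:length]

def mask_record(record: dict, key: bytes) -> dict:
    masked = {}
    for field, value in record.items():
        label = CLASSIFICATION.get(field, "unclassified")
        if label == "public" or value is None:
            masked[field] = value                      # nothing to protect
        elif label == "phi":
            masked[field] = None                       # PHI never leaves production
        elif field == "Email":
            tok = _token(key, field, value.lower())
            masked[field] = f"user-{tok}@example.invalid"
        elif field == "Phone":
            digits = int(_token(key, field, value, 8), 16) % 10**7
            masked[field] = f"555-{digits:07d}"        # keeps a phone-like shape
        else:
            # PII and unclassified fields fail closed: replaced, never copied.
            masked[field] = f"{field}-{_token(key, field, str(value))}"
    return masked

def seed_sandbox(records: list, key: bytes) -> list:
    """Mask every row before it is loaded into a development or test org."""
    return [mask_record(r, key) for r in records]

if __name__ == "__main__":
    for row in seed_sandbox(SAMPLE_RECORDS, b"constructed-masking-key"):
        print(row)
```

The masking key has to stay outside the sandbox: anyone who holds it can test guesses against the tokens.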
2. Implement defense in depth with guardrails and prompt injection detection
When designing agentic AI, traditional security principles still apply, including implementing least-privilege access. Grant agents only the permissions they need to perform their task. For example, avoid using a flow with System Context – Access All Data, as it could allow users to access data they wouldn’t normally.
Also, implement guardrails and policies to control agent behavior. A guardrail could be a policy that explicitly prohibits an AI agent from providing financial advice or accessing sensitive customer financial data, even if a user’s prompt attempts to elicit such actions.
Beyond such preventative measures, it’s also critical to defend against prompt injection attacks. A prompt injection attack refers to a malicious prompt designed to elicit unintended information or fraudulent actions from a large language model (LLM). Prompt injection attacks exploit an LLM’s instruction-following ability and may trick it into bypassing security policies, disclosing sensitive data, or producing harmful content.
With the advent of agentic workflows, detecting and deflecting prompt injection attempts is of vital importance.
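The sketch below is an added example, not Agentforce's guardrail mechanism: it shows the least-privilege and guardrail checks from this tip enforced on the action an agent proposes rather than on the prompt text, so a successful injection still cannot widen access. The tool names, topics, field names and the `authorize` function are hypothetical.

```python
from dataclasses import dataclass

# Assumed policy for a hypothetical service agent (all names are illustrative).
AGENT_ALLOWED_TOOLS = {"lookup_case", "update_case_status"}
PROHIBITED_TOPICS = {"financial_advice"}
SENSITIVE_FIELDS = {"CreditLimit__c", "BankAccount__c"}

@dataclass(frozen=True)
class ProposedAction:
    tool: str                 # tool the model wants to call
    fields: frozenset         # record fields it wants to read or write
    topic: str = "support"    # topic assigned by an upstream classifier

def authorize(action: ProposedAction, user_readable_fields: set) -> tuple:
    """Return (allowed, reason). Decides on the proposed action, not the prompt."""
    # 1. Least privilege: the agent only has the tools it was granted.
    if action.tool not in AGENT_ALLOWED_TOOLS:
        return (False, "tool not granted to agent")
    # 2. Guardrail: prohibited topics are refused whatever the user asked.
    if action.topic in PROHIBITED_TOPICS:
        return (False, "topic prohibited by guardrail")
    # 3. Guardrail: sensitive financial fields are never exposed to the agent.
    blocked = action.fields & SENSITIVE_FIELDS
    if blocked:
        return (False, "sensitive fields: " + ", ".join(sorted(blocked)))
    # 4. User context: the agent never sees more than the requesting user can,
    #    the opposite of running with access to all data.
    extra = action.fields - user_readable_fields
    if extra:
        return (False, "exceeds requesting user's access: " + ", ".join(sorted(extra)))
    return (True, "allowed")

if __name__ == "__main__":
    user_fields = {"Subject", "Status"}
    samples = [  # constructed proposals, as a model might emit them
        ProposedAction("lookup_case", frozenset({"Subject", "Status"})),
        ProposedAction("lookup_case", frozenset({"Subject", "CreditLimit__c"})),
        ProposedAction("export_accounts", frozenset({"Subject"})),
        ProposedAction("lookup_case", frozenset({"Subject"}), "financial_advice"),
    ]
    for proposal in samples:
        print(proposal.tool, sorted(proposal.fields), authorize(proposal, user_fields))
```

Denied proposals are worth logging and alerting on, since a run of them against one conversation is a useful prompt injection signal.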
3. Ground agentic AI with high-quality data
Automated backups and granular recovery capabilities are essential during development, providing a safety net for rollbacks and precision data repair. Comparing on-demand backups created before and after a release makes it easy to review changes and verify that all expected updates were successfully deployed. Backups are also highly valuable for developing agentic AI, as they offer historical data for testing and training.
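The before-and-after comparison can be automated. In this added example (not part of any Salesforce backup product), two snapshots are diffed by record Id and the result is checked against the changes the release was meant to make. The snapshot rows, field names and the `expected` mapping are constructed assumptions.

```python
def diff_snapshots(before: list, after: list, key: str = "Id") -> dict:
    """Field-level diff of two backups, matched on the record key."""
    b = {r[key]: r for r in before}
    a = {r[key]: r for r in after}
    changed = {}
    for rid in b.keys() & a.keys():
        fields = sorted(f for f in set(b[rid]) | set(a[rid])
                        if b[rid].get(f) != a[rid].get(f))
        if fields:
            changed[rid] = fields
    return {"added": sorted(a.keys() - b.keys()),
            "removed": sorted(b.keys() - a.keys()),
            "changed": changed}

def verify_release(before: list, after: list, expected: dict, key: str = "Id") -> dict:
    """expected maps record Id -> set of fields the release should have changed."""
    actual = diff_snapshots(before, after, key)
    report = {"missing": {}, "unexpected": {},
              "added": actual["added"], "removed": actual["removed"]}
    for rid in sorted(set(expected) | set(actual["changed"])):
        want = set(expected.get(rid, ()))
        got = set(actual["changed"].get(rid, ()))
        if want - got:
            report["missing"][rid] = sorted(want - got)      # update did not land
        if got - want:
            report["unexpected"][rid] = sorted(got - want)   # candidate for repair
    # Record additions and deletions are always surfaced for review.
    report["ok"] = not (report["missing"] or report["unexpected"]
                        or report["added"] or report["removed"])
    return report

# Constructed snapshots taken before and after a release.
BEFORE = [{"Id": "a1", "Status": "New", "Owner": "u1"},
          {"Id": "a2", "Status": "New", "Owner": "u2"},
          {"Id": "a3", "Status": "Closed", "Owner": "u3"}]
AFTER = [{"Id": "a1", "Status": "Working", "Owner": "u1"},
         {"Id": "a2", "Status": "New", "Owner": "u9"},
         {"Id": "a4", "Status": "New", "Owner": "u1"}]

if __name__ == "__main__":
    print(verify_release(BEFORE, AFTER, {"a1": {"Status"}, "a2": {"Status"}}))
```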
4. Accelerate agentic AI with DevSecOps automation
Automation is a “no brainer, game changer” for efficiently implementing DevSecOps for agentic AI, streamlining data classification, anonymization, monitoring, alerting, and threat detection. Benefits of automating DevSecOps include:
- Avoiding bugs and errors
- Providing InfoSec visibility
- Preventing costly rework
- Deploying with InfoSec approval when ready, rather than waiting
- Detecting risks proactively
- Rolling back from backups if necessary
- Repairing unintended changes and failing-forward
Here are some examples of tasks at each stage of the DevSecOps lifecycle that can be optimized using automation:

5. Thoroughly test and monitor AI agents
Thorough testing and continuous monitoring are essential to ensure the reliability and security of AI agents. Start by using realistic data sets that closely mimic real-world scenarios to validate the AI’s performance and decision-making capabilities. Scale testing is equally important, as it helps identify performance and security issues that might not be apparent in smaller, controlled environments. During and after the development phase, continuously monitor the AI for both security and performance to catch and address any vulnerabilities or inefficiencies early.
Accelerate agentic AI with DevSecOps
DevSecOps isn’t a blocker but a business enabler. By integrating security into the development process from the very beginning, organizations can achieve faster development cycles, as security issues are identified and resolved early, avoiding costly delays and rework.
Learn more about how Salesforce prioritizes security across its platform and access additional security resources.