Klein defined that automation instruments themselves go away distinct fingerprints. Platforms like n8n, Make, and Zapier exhibit recognizable workflow signatures, which Reco makes use of to detect and map how these automations work together throughout methods. “An AI agent accessing 500 Salesforce data per minute seems totally different from a human consumer,” he stated. Moreover, for native brokers like Microsoft Copilot or Salesforce Agentforce, Reco claims to watch characteristic enablement, information entry patterns, and cross-application exercise that conventional SSPM instruments categorize as “regular consumer habits.”
The providing is positioned round real-world patterns noticed by Reco, which embrace shadow automation with extreme permissions, misconfigured enterprise brokers, and even credential publicity in AI workflows. In noticed incidents, this ranged from brokers with full learn/write entry to buyer PII in Salesforce, monetary information in NetSuite, supply code in GitHub, to an unnamed agent exfiltrating buyer information to a private Airtable account for 8 months earlier than discovery.
Aiming the place conventional SSPM falls quick
Reco positions the launch as a break from conventional SSPM, arguing that these instruments have been by no means designed for autonomous methods.
