Introducing Zenity for ChatGPT Enterprise

Introducing Zenity for ChatGPT Enterprise

More than 80% of Fortune 500 companies rely on ChatGPT Enterprise, not just as a productivity tool, but as a platform for building custom GPTs, leveraging knowledge files, and enabling collaboration through Canvas. As AI Agent adoption accelerates across every corner of the enterprise, business users are innovating faster than ever, often without security oversight.

While this rapid adoption fuels growth, it also introduces risk. Security teams are left asking critical questions like “who’s building these agents?”, “what systems and data are they connected to?”, “could sensitive information be leaking through vulnerabilities, prompt injection, or agents going rogue”? Until now, security teams have lacked the visibility, governance, and security needed to manage risk associated with ChatGPT Enterprise.

Today, we’re excited to announce Zenity for ChatGPT Enterprise, a powerful integration that brings full lifecycle visibility, governance, and security to the world’s most widely adopted AI Agent platform. With this launch, Zenity becomes the first and only end-to-end platform purpose-built to govern and secure AI Agents from buildtime to runtime, empowering security teams to lead innovation without compromise.

A Pivotal Moment for Security

Zenity is built specifically for the security teams now tasked with managing AI Agent risk often without the tools, frameworks, or visibility to do so effectively. In ChatGPT Enterprise, business users are no longer just chatting with a helpful assistant; they’re actively building and using Custom GPTs, uploading proprietary knowledge files, and collaborating through Canvas. These actions happen fast, often without security review, and can introduce serious risks from over-permissioned integrations to sensitive data exposure and prompt manipulation.

Legacy tools simply weren’t designed for this kind of dynamic, user-driven environment. Zenity fills this critical gap by securing both the ChatGPT Enterprise platform and how users interact with it. Our platform provides depth in security; full lifecycle coverage, agent-level observability, security posture management, threat detection - all in one platform. Zenity empowers teams to move from reactive to proactive enabling safe, scalable innovation without slowing down the business.

Going beyond prompts

Through our integration with the OpenAI Compliance API, Zenity delivers deep, agent-level visibility, continuous risk assessment, real-time threat detection, and automated policy enforcement across the entire AI Agent lifecycle.

This means going far beyond prompt monitoring or basic activity logging. Zenity gives security teams full lifecycle protection - from the moment a Custom GPT is built to how it’s configured, shared, and used. Whether employees are spinning up new GPTs, collaborating in Canvas, or uploading knowledge files to accelerate work, Zenity ensures every interaction is tracked, assessed, and governed.

With Zenity, teams can:

• Scan Custom GPTs at buildtime for misconfigurations, hardcoded secrets, excessive permissions, and privilege escalation risks—so issues are caught before they ever reach production
• Detect runtime threats like prompt injection, RAG manipulation, unauthorized data access, and agent drift as they happen
• See the full picture across GPTs, Canvas docs, tools, configurations, knowledge files, user actions, and shared content—mapped and correlated in context
• Respond instantly with Click-to-Fix remediation actions like isolating agents, deleting sensitive files, or restricting access to reduce dwell time and stop threats in their tracks

Why Prompt Shielding Isn’t Enough

To illustrate the risks, consider a GPT built by the sales team to help automate CRM updates. It quickly becomes a go-to productivity tool, streamlining tasks and saving valuable time. But in building it, the creator (like many well-intentioned business users) makes a few critical mistakes.

The GPT is connected to the CRM via a hardcoded API key. That key belongs to a power user with broad permissions. Instead of controlling access, the GPT is shared through an org-wide link making it available to anyone in the workspace, including external guests. Every action taken through the GPT is authenticated via the same key, meaning all activity is logged under a single identity with no traceability.

In essence, it’s credential sharing, user impersonation, and unauthorized access all wrapped up in a well-meaning use case.

This isn’t an edge case. These risks are emerging across every department where AI Agents are being created and shared. And they don’t require prompt injection or a malicious actor to cause harm, just the wrong combination of building blocks.

Under the Hood: Zenity for ChatGPT Enterprise

AI Observability

Real-time visibility into every layer of ChatGPT Enterprise including custom GPTs, Canvas docs, knowledge files, user actions, and shared content. Zenity tracks how agents are built, used, and connected, giving teams the context they need to govern AI risk.

AI Security Posture Management (AISPM)

Catch risk at buildtime. Zenity enforces best practices by detecting excessive permissions, weak authentication, hardcoded secrets, public sharing, and misconfigurations across GPTs and shared content. It also flags prompt injection paths, privilege escalation risks, and data exposure indicators.

AI Detection & Response (AIDR)

Identify and respond to threats like prompt injection, hidden instructions, data exfiltration, and more. Zenity maps findings to OWASP and MITRE frameworks and enables instant remediation with API-driven actions.

Why It Matters

This isn’t just a product milestone. It’s a critical step forward in defining what secure AI adoption looks like.

AI Agents are already reshaping how work gets done across every industry. But legacy security tools weren’t built for this moment. Scaling AI safely requires a new kind of platform, one that’s deeply agent-aware, lifecycle-oriented, and aligned with the realities of business-led innovation.

Zenity meets this moment with the control, guardrails, and visibility security teams need to embrace AI Agents at scale without compromise.

Ready to See It in Action?

Come see us at RSA 2025, Booth 2057 in the south Expo Hall, for a live demo of how Zenity secures ChatGPT Enterprise from buildtime to runtime. Or request a personalized demo today to take the first step toward secure, scalable AI Agent adoption.