1.8M Prompts, 30 Alerts: Hunting Abuse in a User-Defined Agent Ecosystem
Matt Rittinghouse, Millie Huang
[un]prompted 2026 — AI Security Practitioner Conference · Day 2 · 2
Salesforce's security data science team built a behavioral anomaly detection system that filters 1.8 million daily agent prompts down to fewer than 30 actionable alerts — without ever reading customer prompt data. The key insight: stop policing what agents *say* and start watching what they *do* at the execution layer.
AI review
Salesforce brought production data to back up something the rest of the industry is still whiteboarding. 1.8 million prompts, fewer than 30 alerts, zero customer data read — and an architecture that correctly identifies execution-layer telemetry as the actual signal. The '14-day warm-up' advice alone is worth the ticket price for any SOC lead currently drowning in day-one false positives.