AI security is an ecosystem problem. Together, we're solving it.

In the rush to deploy AI, it’s easy to focus on what the technology can do and forget about what it must protect. 

As AI agents begin to handle more of our data, the “surface area” for risk expands. It’s no longer just about the security of your own platform. A vulnerability in any one third-party app or API connection can create a ripple effect across the entire ecosystem.

Last August, Zendesk took a proactive stance on the necessity of modernizing API security. Today, I’m encouraged to share a major milestone in our push for enhanced integrity: with the addition of Productboard, over 1,000 partner apps and integrations have now met these rigorous integration security requirements.

Standardizing industry accountability

This is an important shift in how we manage collective security. Trust in a partner ecosystem must be earned, verified, and continuously maintained. Our Marketplace Ops team reviews every app submission to make sure it meets our current standards.

“By aligning with Zendesk's enhanced security standards, we're helping shared customers capture essential product requests and feedback in Productboard with total confidence. Meeting this higher bar for trust and security means our shared customers can move forward with less worry and zero added complexity. Together, we're building a more resilient foundation for secure, scalable innovation.”
— Martin Felcman, VP of Product & Design at Productboard

Strength through vigilance 

The bedrock of a strong ecosystem is the trust that developers are both adhering to our usage policies and operating in good faith. 

We believe that trust is earned through transparent, consistent execution. Setting a high bar is only effective if you are willing to ensure it, so while we celebrate this milestone, we also remain vigilant. 

While the vast majority have complied, we are notifying developers that do not meet our standards that they will be removed from our ecosystem. We believe enforcing these standards is essential to ensuring the Zendesk Marketplace remains a safe, high-integrity environment for everyone who uses it.

How this new baseline protects you

By adopting these new requirements, our partners have:

• Enhanced security: Leveraging Global OAuth tokens, which significantly reduces the risk of exposing customer credentials by utilizing short-lived, delegated access.
• Radically improved observability: Using API header transparency to help detect and block malicious activity in real-time before it reaches your business.
• Codified modern governance: Ensuring that data flowing into AI models is handled with the highest level of care and consent.

The road ahead

We are deeply committed to leading the AI evolution in service, but we refuse to let innovation come at the expense of trust. As AI agents become more autonomous, appropriate governance is the only thing that will prevent innovation from becoming a vulnerability.

I want to thank our partners who are now in compliance and leading this charge with us. Together, we are proving that we can move with the speed the market demands, while maintaining the structural integrity required to stay ahead.