
Work Here?
Gainsight provides customer success management software and training for SaaS businesses. The core product is a platform that combines analytics, customer health scoring, and automated workflows to monitor and improve how companies engage with and retain customers. It aggregates data from multiple systems, surfaces at-risk accounts, and automates touchpoints to drive proactive engagement. Gainsight differentiates itself by pairing a comprehensive, ready-to-use CSM platform with extensive training and certification programs for Customer Success Managers, helping teams fully leverage the tool and scale customer success efforts. The company operates on a subscription model with tiered offerings, aligning its revenue growth with its customers’ retention and expansion. Overall, Gainsight aims to help subscription-based businesses reduce churn, increase lifetime value, and maintain strong customer relationships across industries like technology, finance, and healthcare.
Industries
Data & Analytics
Enterprise Software
Company Size
1,001-5,000
Company Stage
Acquired
Total Funding
$1.3B
Headquarters
San Francisco, California
Founded
2009
People at Gainsight who can refer or advise you
Help us improve and share your feedback! Did you find this helpful?
Total Funding
$1.3B
Above
Industry Average
Funded Over
7 Rounds
Health Insurance
Dental Insurance
Vision Insurance
401(k) Plan
Unlimited Paid Time Off
Remote Work Options
Fertility Treatment Support
Hybrid Work Options
Karl Mosgofian on the AI risks most CIOs are missing. On a recent episode of AI Impact, host Russ Frieden sat down with Karl Mosgofian, the former CIO of Gainsight and now a CIO advisor. Their conversation is aimed squarely at enterprise technology leaders. Karl spent the hour challenging some of the assumptions that have hardened around enterprise AI over the last two years and argues that most CIOs are bracing for the wrong security threat. The shadow AI problem CIOs haven't reckoned with Karl's most pointed critique is about where security attention is being spent. CIOs, he says, are overly worried about their contracted SaaS and LLM vendors. Those vendors have signed contracts and completed security reviews; they have solid business reasons not to misuse data. "If they mess it up, their whole company is gone." Karl notes. The real exposure, in Karl's view, is the free AI tool an employee downloaded without telling anyone: no contract, no IT review, no company visibility. His point lines up with a finding that Russ reports from Larridin's own customer base: roughly two-thirds of the AI tools in use inside an enterprise are unknown to the CIO. For CIOs and CTOs trying to set governance priorities, Karl's message is clear: the threat is on the unsanctioned side of the wall, far more than the vendor side. Agents need their own identity in directory services Karl then brought up a topic many enterprises haven't yet operationalized: identity for agents. When agents take real action inside a company, the question of who did this becomes critical. If an agent acts solely under a human's credentials, accountability collapses when something goes wrong. Karl pointed to Microsoft's recent move authorized agents now has their own identity within directory services, rather than running as the human who deployed the agent. For CIOs and CTOs, the implication is concrete: HCM and IAM strategies need to evolve to treat agents as first-class principals. Without this, audit trails, least-privilege controls, and incident response all degrade as agents proliferate. Why CIO and HR are aligning Karl agreed with Russ's thesis that the CIO and HR functions are converging. As agent workforces scale, the line between managing humans vs. managing systems that do human work blurs. Karl is careful to note that HR's legal and employment-law expertise won't vanish into IT, but he sees plenty of overlap waiting to be captured: shared help desks, shared policies, shared onboarding flows. Greenfield companies, he suggested, have a chance to design these functions together from day one. The anatomy of AI projects that actually scale For all the experimentation of the last two years, Karl's recipe for a successful AI project sounds refreshingly old-fashioned: start with the problem you're trying to solve and define how you'll measure whether it worked. He warns that the common approach - "cool stuff, let's throw it in there" - is an acceptable approach for generic productivity tools, but a budget-burner when applied to higher-stakes departmental projects. CFOs, he predicted, are about to start asking CIOs to consolidate the ten overlapping tools that experimentation produced, ending what Karl called the current "golden glow" of AI freedom. He was equally direct about adoption. Top-down Zoom trainings produced little movement at Gainsight. What worked was small-group peer learning: teammates trading real, relevant use cases. Karl framed prompting as a new core skill, comparable to the need to learn how to search Google effectively for research, beginning in the 2000s. CIOs and CTOs who underinvest here, he warned, are simply leaving value on the table. Where AI will hit next AI has already become normalized in Engineering and customer support. Where will it be more fully accepted next? Karl suggests the answer will derive from the first principles of LLM functionality: it's a large language model. The functions that work primarily with words will benefit most. He named legal, marketing, and technical documentation as the next wave. Karl describes this moment as the most exciting stretch of his career. Department heads who once viewed the CIO as an obstacle now want partnership. This window won't last forever; once CFOs start demanding ROI, CIOs will return to the gatekeeper role. But for now, Karl's advice to enterprise technology leaders is to get agent identity right, take shadow AI seriously, and invest in the small-group learning that actually moves adoption. Listen to the full conversation between Russ Frieden and Karl Mosgofian on AI Impact.
Mitigating the Gainsight - Salesforce breach risk with Token Security. Ido shlomo. Gainsight is a leading Customer Success Management (CSM) platform with deep integrations into systems like Salesforce. In November 2025, Gainsight suffered a major security breach in which attackers compromised OAuth tokens for its Salesforce AppExchange applications. These tokens allowed unauthorized access to customers' Salesforce data. Salesforce confirmed abnormal activity through Gainsight's connected app and responded by revoking all Gainsight-issued access and refresh tokens. Salesforce also emphasized the breach was not caused by a flaw in its platform, but stemmed from Gainsight's external connection. The incident's scope was large. Google's Threat Intelligence team identified more than 200 potentially affected Salesforce instances, and Gainsight serves around 1,000 customer organizations. Because Gainsight integrates with many platforms, Salesforce, Google Workspace, Microsoft 365, Zoom, Snowflake, and others, stolen OAuth credentials could be used to access multiple systems across its customer base. In response, Salesforce pulled Gainsight's app from the AppExchange, and other marketplaces temporarily did the same. The event underscores how third-party integrations can become high-impact attack vectors. The OAuth Token Compromise This was a textbook SaaS supply-chain attack. Rather than exploiting vulnerabilities, attackers stole OAuth access tokens that allowed the Gainsight app to act inside customer Salesforce orgs. With these tokens, they executed API calls and exfiltrated data, bypassing Salesforce's built-in security. This attack resembles an August 2025 incident involving Salesloft's Drift application, where attackers used stolen OAuth tokens to access data from more than 700 Salesforce customers. Over a billion Salesforce records were reportedly compromised in that case. These events highlight the rise of OAuth-based attacks: threat actors increasingly target third-party SaaS apps with wide, trusted access into enterprise environments. The Gainsight incident shows that organizations must scrutinize OAuth tokens and integrations with the same rigor applied to core infrastructure. Its Recommended Actions to Mitigate OAuth Token Breaches * Rotate All Credentials Immediately: Treat all credentials held by a breached app as compromised. Revoke or rotate every token, API key, and secret across all connected systems. * Enforce Network Restrictions: Re-issue tokens bound to trusted IP ranges or cloud environments. Limit where tokens can be used to reduce abuse risk. * Scan for Secrets and Audit App Footprint: Use secret scanning across code, configuration, custom data fields and cloud workloads to uncover any lingering credentials. Map out the integration's full scope and permissions. * Review OAuth Grants and Permissions: Remove unnecessary scopes and enforce least privilege. Reassess all connected apps and revoke unused or overly broad OAuth grants. * Enable Comprehensive Monitoring: Monitor service accounts and integration activity as closely as user activity. Enable API logging and anomaly detection for all third-party integrations. * Conduct a Focused Security Assessment: Determine exactly which systems the app accessed, what data was exchanged, and whether any unauthorized modifications occurred. * Coordinate with Vendors: Follow updates, indicators of compromise, and remediation guidance from both the third-party vendor and the platform provider. The November 2025 Gainsight - Salesforce breach exemplifies a major shift in attacker strategy: exploiting trusted SaaS integrations via stolen credentials. Organizations must treat third-party applications as part of their security perimeter, maintaining inventories of integrations, enforcing the principle of least privilege, locking down network access, and continuously monitoring for anomalies. How Token Security Helped Its Customers Rapidly Respond At Token Security, Token focus on preventing identity-based threats and compromises. Once the Gainsight breach was confirmed, Token immediately assessed customer exposure. About half of its Salesforce-using customers had Gainsight integrations, making rapid action critical. * Inventorying Gainsight Credentials: Using its discovery capabilities, Token cataloged all Gainsight-related accounts and OAuth tokens across customer environments, including API keys, IAM users, Snowflake accounts, and Entra ID service principals. Some accounts were inactive or already removed, reducing risk. Others were active, such as a Gainsight AWS integration user with a recently updated access key or a Snowflake account with a fresh password change. This inventory allowed customers to quickly see where Gainsight had access. * Credential Rotation and Restrictions: Token either rotated or confirmed the rotation of every Gainsight-related credential, API keys, OAuth tokens, and other secrets. Although Salesforce had revoked its tokens, Token ensured all other systems were also protected. When re-establishing integrations, Token advised customers to implement network restrictions so that new credentials could only be used from Gainsight's official environment. * Monitoring and Threat Detection: Token heightened monitoring of all Gainsight-linked accounts, looking for unusual logins, API calls, or data movements. This ensured no ongoing abuse remained after token revocation and provided customers with rapid visibility into any anomalies. * Customer Guidance: Token offered tailored recommendations based on each customer's environment for example, removing unused service principals or reviewing downstream systems Gainsight accessed. This helped customers understand the full blast radius and verify data safety across connected systems. Token Security's approach enabled its customers to rapidly identify exposure and eliminate compromised credentials. As attackers increasingly target the app layer, vigilance around OAuth tokens, service accounts, and third-party integrations is essential to preventing breaches. To learn more about how Token helped its customer mitigate the Gainsight-Salesforce breach, request a demo today of the Token Security Platform.
Find jobs on Simplify and start your career today
Industries
Data & Analytics
Enterprise Software
Company Size
1,001-5,000
Company Stage
Acquired
Total Funding
$1.3B
Headquarters
San Francisco, California
Founded
2009
Find jobs on Simplify and start your career today