Blog
When your Snowflake AI agent can query everything you can query
Snowflake Cortex is a powerful addition to the modern data platform, and the use cases are real. But every Cortex Agent deployment is also an identity governance event. The agent does not audit itself. It queries what it can query, surfaces what it can surface, and connects to what it is given access to.
No results found.
3 mins
I see a pattern in early-stage companies that is easy to miss because it looks like maturity. Teams borrow processes that work later, when an organization is larger and roles are more specialized, and they apply them far too early.
4 mins
By shifting toward a model of Zero Standing Privileges and implementing just-enough and Just-in-Time access for AI-driven workflows, security teams can empower their developers without turning their most productive tools into their greatest identity risks.
3 mins
Connectivity and authentication have become increasingly commoditized. Most organizations can point to mature tooling, common best practices and a set of controls that are at least defensible.
3 mins
If “governing privileged access” still means vaulting static credentials and shared jump-host accounts, you’re solving yesterday’s problem with yesterday’s tools.
3 mins
OAuth scopes solve an important part of the authorization puzzle: delegated capability. But they are only one piece. To do MCP authorization properly, you need scopes for the big picture and server-side RBAC for least-privilege enforcement.
3 mins
The ServiceNow breach is a wake-up call. As we deploy more autonomous agents with access to critical business systems, we need authorization architectures designed specifically for the agentic paradigm not retrofitted from traditional security models.
5 mins
Azure AI Studio and Azure OpenAI offer transformative capabilities, but their integration into the Azure ecosystem brings unique identity security considerations.
8 mins
The P0 Authz Control Plane for Agents lets developer and security teams control access for agentic applications that connect to internal data sources, such as a Postgres, Snowflake, Mongo database through a chat interface.
6 mins
Recently, I wrote about the governance challenges and risks associated with Amazon Bedrock and today I’ll explore how the same principles apply to Google Vertex.
3 mins
Agentic systems are accelerating everything. They increase the number of access paths, expand the impact of bad permissions and highlight the limits of tools built for manual control.
6 mins
This is the final of a three-part series taking a look at modern privileged access management and how its evolution to the protection of more systems and more identities leads to both security and productivity improvements.
5 mins
AI agents are increasingly playing a part in how modern developer teams build, automate, and scale.
No results found.