As AI agents spread, 1Password's new tool tackles a rising security threat

David Gewirtz / Elyse Betters Picaro / ZDNET

Follow ZDNET: Add america arsenic a preferred source connected Google.

ZDNET's cardinal takeaways

• AI agents request credentials, creating a increasing endeavor risk.
• 1Password launches Unified Access to negociate quality and AI secrets.
• Platform discovers, secures, and audits credentials crossed environments.

Let's speech for a infinitesimal astir AI agents. You tin deliberation of them arsenic integer virtual employees who are tasked with performing definite jobs. In fact, you tin marque a reasonably bully analogy betwixt AI agents moving astir your web and quality workers.

Back successful the days earlier Zoom, I utilized to bash a batch of concern traveling. At the time, I had a feline named Sammy. I had to permission her location whenever I went connected 1 of these trips. After her archetypal acquisition successful a kennel (which did not spell well), I vowed to ne'er kennel her for a travel ever again.

Also: Is your AI cause a information risk? NanoClaw wants to enactment it successful a virtual cage

Instead, I hired a person of a person to travel into my flat a fewer times a time to provender her, play with her, and support her company. Even though this signifier was necessary, I ever had immoderate large worries. First, Sammy was not an extracurricular cat. What if the feline caregiver fto her out? What if the feline caregiver decided to muck astir with my stuff?

I ever got the cardinal backmost from the feline watcher erstwhile I got home, but did they marque a copy? Should I alteration the fastener aft the trip? For a while, I flew monthly. Would I request to alteration the fastener each month? Fortunately, thing went wrong. But the interest was there.

These are the types of problems we're starting to look with AI agents (except overmuch worse). For agents to bash their jobs, they request to person entree to galore cardinal systems and information sets. They request to beryllium capable to log in. They request entree keys, passwords, API keys, and credentials of each sorts.

The large hairball of a occupation is that determination haven't been unified systems for managing cause access. Instead, developers person been pasting API keys close into their code, putting passwords into substance files, and adjacent sometimes pasting full credential sequences into AI prompts.

1Password, galore agents

I'm not the lone idiosyncratic waking up successful the mediate of the nighttime successful a acold sweat worrying astir the implications of this.

The folks astatine 1Password person been noodling connected this occupation for rather immoderate time. Today, it is announcing Unified Access, an AI cause credential absorption instrumentality that is designed to assistance organizations securely negociate the entree power challenges that armies of AI agents introduce.

Also: AI agents are fast, loose, and retired of control, MIT survey finds

The Unified Access offering is disposable present (with the objection of an audit capability, which is coming soon). It provides tools to discover, secure, and yet audit web entree crossed some quality and AI identities.

If you deliberation this is akin to Microsoft's Agent 365 individuality absorption merchandise announced past week, you aren't wrong. I foretell we'll spot more. Once companies started to wide deploy agents, the ID absorption situation became reasonably instantly apparent.

I've been noticing a inclination recently. AI is moving truthful fast, and companies are engineering truthful rapidly to accommodate and lick emerging problems, that we're seeing regular cases of parallel evolution. As a caller occupation emerges due to the fact that of a erstwhile innovation, a clump of companies simultaneously denote solutions designed to hole the emerging problem. That's the lawsuit present with agentic credential management.

1Password's attack is considerably little Microsoft-centric than Agent 365, but it besides focuses connected protecting credentials, secrets, and instrumentality identities arsenic AI systems statesman performing actions crossed endeavor environments.

AI agents present caller individuality and credential risks

"AI adoption is reshaping our menace model," said Heather Cannon, Director of Security astatine DigitalOcean. Think astir those 7 words. That's a wow close there. David Faugno, CEO of 1Password, amplifies that thought, saying, "Agents are present operating wrong existent accumulation environments."

That's the challenge. AI tools are rapidly moving from experimental curiosities to afloat empowered virtual workers successful accumulation environments. They telephone APIs, execute workflows, and entree infrastructure connected behalf of users. These automated systems often trust connected the aforesaid credentials developers usage to entree interior APIs, infrastructure, and endeavor data.

Also: OpenClaw is simply a information nightmare - 5 reddish flags you shouldn't disregard (before it's excessively late)

Cannon says, "For DigitalOcean, it's nary longer lone astir individuals mishandling credentials. We request wide visibility into which AI systems are operating crossed our environment." She says that 1Password's caller solution tin assistance it amended recognize and govern AI usage, with the extremity of reducing alleged shadiness AI risks, and standard AI adoption successful a mode that's endeavor safe.

Discovering embedded risks enterprise-wide

Confusingly, 1Password calls its caller offering a "platform model." This is not an AI model, arsenic successful ample connection model. Instead, it is truly a level offering that uses a three-step paradigm: observe existing agents and credentials, unafraid them done a centralized vault infrastructure, and supply beardown audit trails describing however entree is used.

The find constituent is meant to observe existing flaws, places wherever keys and passwords are already deployed and request to person amended absorption controls. The level identifies AI tools and cause enactment crossed endpoints, browsers, and section environments. Using the tools provided by 1Password, information teams tin observe exposed credentials, including plaintext situation files and unencrypted SSH keys.

Also: Why endeavor AI agents could go the eventual insider threat

Of course, to transportation retired this find process enterprise-wide, you person to assistance 1Password's strategy immoderate level of heavy enterprise-wide access. That whitethorn beryllium indispensable if you privation to rein successful the AI entree excesses of the past fewer years, but it is besides a monolithic hazard each connected its own.

Centralized credential vault replaces embedded secrets

In an email Q&A, Nancy Wang, CTO of 1Password, told ZDNET, "Instead of storing credentials locally oregon embedding them successful scripts, credentials tin beryllium securely retrieved from the vault and utilized lone astatine the infinitesimal they are needed."

The level centralizes credentials wrong a unafraid vault alternatively of embedding secrets straight successful prompts, scripts, oregon configuration files.

Also: Nvidia bets connected OpenClaw, but adds a information furniture - however NemoClaw works

Wang says, "Developers notation secrets done 1Password alternatively than embedding them straight successful codification oregon situation variables. At runtime, 1Password resolves the reference, enforces policy, and delivers the credential lone to the process that needs it, with each entree lawsuit logged according to organizational policy."

Security teams tin spot which credential was used, which strategy requested it, and the individuality liable for the action. The thought is to trim reliance connected API keys and secrets that stay valid indefinitely.

Integrations with AI developer and infrastructure platforms

Of course, gaining entree to each instrumentality a developer oregon endeavor mightiness usage is simply a large job. Many tools don't enactment and play good with others. To antagonistic this problem, 1Password is teaming up with galore instrumentality and endeavor vendors to embed enactment straight successful their offerings.

Initial collaborations announced astatine motorboat see AI developer tools specified arsenic Cursor and GitHub, on with unreality and developer platforms, including Vercel.

"As agentic coding tools go portion of however modern teams physique and vessel software, information needs to integrate straight into the developer workflow," said Talha Tariq, CISO astatine Vercel. "Through our concern with 1Password, we're making it easier for developers to entree credentials securely wrong the tools and environments they already use, truthful they tin determination rapidly without compromising connected dependable information practices."

Also: AI agents of chaos? Research shows however bots talking to bots tin spell sideways fast

Cursor and GitHub usage the 1Password offering to unafraid developer workflows crossed IDEs, unreality sandboxes, and CI/CD pipelines. Extensions are present disposable for Cursor agents and GitHub Actions, with much expected.

1Password is besides moving with players who connection AI infrastructure, cause power planes, MCP gateways, and AI browsers, with implementations to beryllium announced soon.

1Password's CTO answers our questions

I asked 1Password a fig of questions. CTO Wang was benignant capable to reply them, seemingly portion she was connected a plane. We decidedly admit her going supra and beyond, literally.

In effect to a question astir the 1Password idiosyncratic interface, she told me, "Yes, it's the aforesaid interface that radical cognize and love. Through Unified Access, we're extending the interfaces radical already use, similar the 1Password extension, CLI, and APIs, into the environments wherever agents really run."

I tried to nail down the enactment experience. Where, exactly, are the credentials managed and how? She said, "The mode agents interact with 1Password extends that acquainted acquisition into the environments wherever agents operate. At a precocious level, we deliberation of agents arsenic a caller people of individuality that needs unafraid entree to credentials successful bid to enactment connected behalf of users oregon systems."

Also: How I switched password managers without losing a azygous login

She said, "In this environment, 1Password serves arsenic the trusted strategy of grounds for those credentials. Rather than embedding secrets straight successful prompts, code, oregon cause memory, agents tin retrieve credentials from the 1Password vault erstwhile they request them."

In effect to however this attack volition beryllium incorporated successful code, I was told, "Developers notation secrets done 1Password alternatively than embedding them straight successful codification oregon situation variables. At runtime, 1Password resolves the reference, enforces policy, and delivers the credential lone to the process that needs it, with each entree lawsuit logged according to organizational policy."

If you deliberation backmost to the opening of the article, and my interest astir sharing keys with my cat's favored sitter, callback that I obsessed implicit the question of whether I should alteration the fastener aft each trip.

In a virtual world, that becomes possible. Wang told me, "If a credential needs to beryllium rotated, it tin beryllium done successful the vault, and each agents with entree to the vault volition person entree to the caller credential, truthful it doesn't request to beryllium updated connected an agent-by-agent basis."

Fundamentally, 1Password is gathering a azygous root of information for credentials successful the agentic space. It's analyzable arsenic heck, but since we're ne'er going to beryllium capable to enactment the agentic genie backmost successful its bottle, information tools similar Unified Access and Agent 365 can't travel excessively soon.

What astir you?

Are AI agents already moving wrong your organization's workflows, oregon are you inactive experimenting with them? How are you managing the credentials and entree those agents require? Do you deliberation centralized vault approaches similar 1Password's Unified Access and Microsoft's Agent 365 are heading successful the close direction?

Also: 1Password hikes its prices: Here are your escaped oregon inexpensive alternatives

Are you acrophobic astir agents utilizing the aforesaid credentials arsenic quality developers, oregon bash you spot that arsenic manageable with the close tooling? How overmuch visibility bash you deliberation companies truly person contiguous into what their automated systems are doing? Let america cognize successful the comments below.

You tin travel my day-to-day task updates connected societal media. Be definite to subscribe to my play update newsletter, and travel maine connected Twitter/X astatine @DavidGewirtz, connected Facebook astatine Facebook.com/DavidGewirtz, connected Instagram astatine Instagram.com/DavidGewirtz, connected Bluesky astatine @DavidGewirtz.com, and connected YouTube astatine YouTube.com/DavidGewirtzTV.