2026-06-16 00:00
Travis McPeak, Head of Security at Cursor, discussed the complexities of securing AI agents on the Zero-Shot Learning podcast. He emphasized the challenges of managing non-deterministic agents that have access to sensitive systems. To address these risks, he advocates for secure-by-default workflows and embedding security policies as code. This approach ensures that security keeps pace with business needs while minimizing potential damage. Travis also highlighted the growing reliance on AI in...
Source: 1Password Blog
info@1password.com (Chris Fowler)
2026-06-16 00:00
At 1Password, we value security and collaboration. That’s why we funded an independent assessment of the open-source library Snow, a Rust implementation of the Noise Protocol Framework. The assessment by Trail of Bits identified 10 findings, including a medium-severity nonce-handling issue. We worked closely with the maintainer, Jake McGinty, to resolve 8 of these findings. We believe that strengthening open-source security benefits the wider community. Check out the report for more details!...
Source: 1Password Blog
info@1password.com (Daryl Martin and Christian Rask)
2026-06-16 00:00
The 2026 Verizon Data Breach Incident Report highlights a rise in cyberattacks targeting the Financial and Insurance sector, with small-to-medium businesses (SMBs) particularly vulnerable. 96% of ransomware victims are SMBs, facing high security standards but limited resources. Credential management is crucial for building a strong security foundation. AI adoption is increasing SaaS sprawl and complicating compliance efforts, making it harder to manage credentials securely. For more insights,...
Source: 1Password Blog
info@1password.com (Rachel Sudbeck)
2026-06-15 00:00
🚀 Introducing the 1Password Credential Broker! This new tool addresses the challenge of managing service account tokens in CI/CD environments. It ensures that machine workloads and AI agents only access the credentials they need, at the moment they need them. Focused on GitHub Actions, it offers job-scoped access and detailed logging for enhanced security. This reduces the risk of overprovisioned access and improves audit trails. Join the private beta today to experience secure credential...
Source: 1Password Blog
info@1password.com (Jeff Malnick)
2026-06-15 00:00
🌟 Exciting news for 1Password! We have acquired Apono to enhance our identity security solutions. As digital identities evolve, the need for robust access governance is crucial. Apono will help us manage not just human access, but also machine identities and AI agents. We are also launching the 1Password Credential Broker, which protects credentials while ensuring secure access. Together, Apono and Credential Broker will strengthen the foundation of trusted access. Welcome aboard, Apono team!...
Source: 1Password Blog
info@1password.com (David Faugno)
2026-06-12 00:00
🎧 In a recent episode of *Chasing Entropy*, Jaya Baloo discusses the evolving landscape of security and AI vulnerability management. She emphasizes that while AI introduces new risks, organizations should prioritize known issues like asset visibility and remediation backlogs. Baloo warns against the dangers of a "risk acceptance" culture, advocating for proactive measures instead. Her insights on leveraging smaller, open-source models highlight their potential in identifying vulnerabilities...
Source: 1Password Blog
info@1password.com (Dave Lewis)
2026-06-11 00:00
The 2026 Verizon Data Breach Investigations Report highlights the importance of security fundamentals. Key findings include a surge in vulnerability exploitation, now the leading cause of breaches. Only 26% of critical vulnerabilities were fully remediated in 2025. Ransomware remains prevalent, impacting 48% of breaches, but 69% of victims chose not to pay. Third-party risks have increased, with 48% of breaches involving external vendors. Organizations are urged to strengthen their security...
Source: 1Password Blog
info@1password.com (Dave Lewis)
2026-06-05 00:00
At 1Password, interns are using AI to enhance their learning and problem-solving skills. Eileen Zhao and Kashish Garg shared their experiences, highlighting how AI tools help navigate complex codebases and improve communication. Eileen leverages AI for editing, understanding new concepts, and organizing her thoughts before coding. Kashish uses AI to parse information and validate his approaches, streamlining his workflow. These experiences showcase how 1Password fosters AI fluency and...
Source: 1Password Blog
info@1password.com (1Password)
2026-06-05 00:00
The Gartner® Hype Cycle™ for Agentic AI emphasizes the need for human oversight in AI deployments. Fully autonomous agents are not yet ready for most enterprise use cases, and organizations should focus on semiautonomous models. Interest in AI agents is rising, with 42% of organizations expecting to adopt them within a year. However, many are unprepared for the associated risks, including security gaps and governance challenges. Key areas to address include the security of enterprise AI...
Source: 1Password Blog
info@1password.com (Sanjay Ramnath)
2026-06-02 00:00
In the latest episode of the Zero-Shot Learning podcast, Tom Occhino of Vercel discusses the impact of AI on developer workflows. He emphasizes that access control must be integrated into product architecture, especially as non-technical users leverage AI tools. This shift requires new security measures to prevent exploitation of untrusted code. 🛡️ Vercel's AI SDK, alongside 1Password's Unified Access, aims to ensure secure interactions while minimizing risks associated with credential...
Source: 1Password Blog
info@1password.com (Chris Fowler)
2026-05-29 00:00
🌏 May was A&PI Heritage Month, and at 1Password, we highlighted Stephanie Cheng, a Senior Customer Trainer and A&PI Employee Resource Group leader. Stephanie shares her insights on customer education, emphasizing the importance of creating a supportive environment for learners. She believes effective training goes beyond technical knowledge; it's about understanding and connecting with people. Being part of the A&PI leadership team has deepened her skills in community building and...
Source: 1Password Blog
info@1password.com (1Password)
2026-05-29 00:00
🔍 In 1Password’s recent webinar, the focus was on managing SaaS apps and AI tools outside of SSO. 📊 A startling 52% of employees have used apps without IT approval, creating unmanaged risks. The webinar highlighted how 1Password SaaS Manager can help discover and govern these unapproved access points. 🔑 New integrations support governance for popular AI tools like ChatGPT and Claude, enhancing security and compliance. For more details, watch the full webinar! #CyberSecurity #SaaS #AI...
Source: 1Password Blog
info@1password.com (Rachel Sudbeck)
2026-05-28 00:00
🌟 In celebration of Jewish Heritage Month, we highlight Nicole Smith, Staff Project Manager at 1Password. Nicole leads our Jewish 'Bits Employee Community Group, fostering connections among Jewish employees and allies. Her focus on trust and honest communication has made her a key figure in navigating complex projects and mentoring others. She encourages everyone to engage with and learn about the richness of Jewish identity this month. #JewishHeritageMonth #1Password #Community #Leadership...
Source: 1Password Blog
info@1password.com (1Password)
2026-05-27 00:00
Source: 1Password Blog
info@1password.com (Sanjay Ramnath)
2026-05-20 00:00
1Password has partnered with OpenAI to enhance security for AI coding agents like Codex. 🤖🔐 The new 1Password Environments MCP Server allows Codex to access credentials securely, without exposing sensitive information in code. This integration ensures that secrets are managed safely and only accessed when needed. Developers can now streamline workflows while maintaining control over credentials. 🔑💻 Learn more about this integration and its benefits for your coding projects! #1Password #OpenAI...
Source: 1Password Blog
info@1password.com (Dennis Kromhout van der Meer and Robert Menke)
2026-05-20 00:00
🔒 Can 1Password see your vault contents? The answer is no, and it's due to the way the product is architected. Your data is encrypted on your device before it leaves, using keys that only you hold. 1Password cannot decrypt your vault contents because it never has access to these keys. This zero-knowledge architecture ensures your privacy, even if servers are compromised. However, be aware that losing your account password or Secret Key means recovery isn't possible. Learn more about how your...
Source: 1Password Blog
info@1password.com (Rick Fillion; Wayne Duso; K.J. Valencik; Daryl Martin)
2026-05-19 00:00
🚀 We explored how to enhance our design system with agent-driven pipelines. Initially, our coding agent struggled without specific context, often making errors that required manual corrections. To improve its performance, we focused on making tacit knowledge explicit through detailed skills for common workflows. This shift resulted in agents producing higher-quality PRs, streamlining the review process. Our findings highlight the importance of clear instructions and proper context for...
Source: 1Password Blog
info@1password.com (Nancy Wang; Wayne Duso; Katie Davis; Matt Davey)
2026-05-19 00:00
In the latest episode of Zero-Shot Learning, Fotis Chantzis from OpenAI discusses the challenges of securing AI agents. Traditional identity protocols don't fit as agents act autonomously, making it hard to track their actions. Key points include: - **Continuous Authorization**: Agents need dynamic permission checks as they evolve tasks. - **Attribution**: Tracing actions back to original users is vital for governance. - **Mediated Access**: Secure credential use is essential to prevent...
Source: 1Password Blog
info@1password.com (Chris Fowler)
2026-05-18 00:00
🚀 AI tools are transforming software development, allowing anyone from designers to first-time founders to create apps quickly. However, managing sensitive credentials securely is crucial. 🔑 Many are still storing secrets in unsafe places like .env files or chat messages, leading to credential sprawl. 1Password now offers integrated developer security tools to help manage these secrets effectively. Their updated interface makes it easier for all users to access these vital tools, ensuring...
Source: 1Password Blog
info@1password.com (Sanjay Ramnath)
2026-05-14 00:00
🚀 Exciting news! The 1Password Device Trust MCP Server is now available. This open-source server connects your Device Trust data directly to AI tools like Claude and ChatGPT. 🔍 With it, IT and security teams can easily query device fleets using natural language, improving visibility and control. Key features include logging every action for auditability. 💡 The MCP Server supports 59 tools and allows users to ask questions about device compliance, vulnerabilities, and more—all from within...
Source: 1Password Blog
info@1password.com (Evan Sandhu)
2026-05-12 00:00
🚀 1Password is experiencing significant growth! According to Okta's 2026 "Businesses at Work" report, it achieved a remarkable 370% year-over-year increase in user adoption within the technology sector. 📊 Key highlights include: - Fastest-growing app in Canada on Okta. - Ranked #13 among startups on the platform. As businesses increasingly rely on AI, 1Password is becoming essential for secure access management. Organizations are adapting their identity security strategies to meet new...
Source: 1Password Blog
info@1password.com (1Password)
2026-05-12 00:00
🔍 Credential sprawl is a growing challenge for organizations, driven by the rise of AI and the increasing number of credentials like passwords, API keys, and tokens. 📊 This unmanaged growth can lead to compliance failures, increased cyber risks, and costly incident responses. 💡 Effective management solutions, such as 1Password, can help secure credentials across systems while maintaining productivity. #CredentialManagement #Cybersecurity #AI #DataProtection #1Password
Source: 1Password Blog
info@1password.com (Rachel Sudbeck)
2026-05-07 00:00
The rise of AI tools is driving an increase in "credential sprawl," where credentials are created and managed outside centralized systems. This poses significant security risks as organizations struggle to oversee developer secrets, API keys, and more. AI agents often rely on non-human identities that can be overprivileged and poorly audited, leading to vulnerabilities. Traditional security measures like SSO are falling short, leaving gaps in protection. To combat these challenges, companies...
Source: 1Password Blog
info@1password.com (Rachel Sudbeck)
2026-05-07 00:00
🚀 Exciting updates from 1Password! The new features in the Enterprise Password Manager – MSP Edition aim to streamline client onboarding and enhance control for Managed Service Providers (MSPs). Key improvements include: - **Policy Templates** for consistent security settings across clients. - **Seat Limits** to manage user access and prevent unexpected costs. - **Granular Vault Permissions** to ensure secure access for technicians based on roles. These tools help MSPs reduce manual work and...
Source: 1Password Blog
info@1password.com (Elgin McLaren)
2026-04-23 00:00
Credential sprawl can quietly accumulate within organizations, posing a serious supply chain risk. As employees connect third-party apps using OAuth, they create trust relationships that may go unchecked. Recent incidents show how compromised tools can lead to breaches, as attackers exploit valid tokens without needing to bypass security. To mitigate risks, organizations should regularly review OAuth connections, tighten permissions, and implement automated monitoring. Tools like 1Password...
Source: 1Password Blog
info@1password.com (Sanjay Ramnath)
2026-04-22 00:00
📻 In the latest episode of Chasing Entropy, Allie Mellen discusses her book, *Code War*, highlighting how cyber strategies of the US, China, and Russia are shaped by their political histories and military doctrines. Cyberattacks are more effective when aligned with broader objectives, whether to apply pressure or gather intelligence. Understanding the intent behind these actions is crucial for security teams. 🛡️ Mellen emphasizes the need for better attribution to decode operations and...
Source: 1Password Blog
info@1password.com (Dave Lewis)
2026-04-20 00:00
At 1Password, we explored the use of AI agents for refactoring our large Go monolith, B5. The project aimed to improve service boundaries and scaling while maintaining security and performance. We developed an agentic toolchain to analyze the codebase, which produced a clear extraction order. However, the real insights came when applying these tools in a live environment. Key lessons included the need for careful sequencing in production changes and the importance of creating deterministic...
Source: 1Password Blog
info@1password.com (Nancy Wang, Wayne Duso, K.J. Valencik)
2026-04-17 00:00
April is SWANA Heritage Month, a time to celebrate the cultures and contributions of Southwest Asia and North Africa. 🌍 This month, we highlight Kaynat Chowdhury, Customer Success Manager at 1Password. Her journey from studying in Bangladesh to thriving in tech showcases the importance of community and belonging. As Communications Lead for the SWANA Employee Community Group, Kaynat focuses on connecting and uplifting her community within the organization. Her story emphasizes that diverse...
Source: 1Password Blog
info@1password.com (1Password)
2026-04-16 00:00
Anthropic's new AI model, Mythos, has raised concerns in the security community for its ability to detect vulnerabilities and create exploits at an unprecedented scale. The recently released paper, “AI Vulnerability Storm,” offers guidance for organizations to prepare for these challenges. Key recommendations include prioritizing crucial patches, implementing hardware-backed authentication, and isolating AI agents with least-privilege permissions. The focus is shifting from traditional patch...
Source: 1Password Blog
info@1password.com (Dave Lewis)
2026-04-14 00:00
🎙️ Season 2 of Chasing Entropy is here! In the latest episode, Bob Lord discusses the issue of secure-by-design in cybersecurity. He highlights that many organizations treat security as a compliance task rather than a core responsibility. This leads to recurring vulnerabilities in software. 🔑 Key principles emphasized include owning customer security outcomes, embracing transparency, and ensuring leadership involvement. The conversation also touches on AI systems and their rapid access...
Source: 1Password Blog
info@1password.com (Dave Lewis)
2026-04-08 00:00
NIST's recent concept paper emphasizes the need for organizations to understand identity principles for AI agents. 1Password responds by developing an agent identity architecture that enhances security while ensuring interoperability with current systems. This multi-part series discusses the unique challenges of agent identity, including identification, attestation, and real-time Zero Trust principles. The evolving nature of AI agents requires a shift in how we manage access and...
Source: 1Password Blog
info@1password.com (Jacob DePriest, Nancy Wang, Jeff Malnick)
2026-04-02 00:00
🔒 Exciting news for organizations using 1Password Device Trust! Now, with the new External Checks feature, access to sensitive applications can depend on user compliance, policy acknowledgments, and more. This connects device access to external systems, improving enforcement of security policies. Administrators can easily set up these checks via API, ensuring access decisions reflect real-world conditions. Learn more about how to implement External Checks in your organization! #1Password...
Source: 1Password Blog
info@1password.com (1Password)
2026-04-02 00:00
Natoma and 1Password are collaborating to enhance secure AI agent access in enterprises. 🤖🔒 AI agents require access to sensitive systems, but traditional credential management can be challenging. This partnership offers a solution to manage credentials centrally, streamline workflows, and maintain oversight. By connecting 1Password with Natoma, organizations can effectively govern agent access without embedding secrets in code. This approach ensures better security and control. For more on...
Source: 1Password Blog
info@1password.com (1Password)
2026-03-31 00:00
🔒 Exciting news from 1Password! They have successfully deployed post-quantum cryptography (PQC) on their web application. This milestone enhances the protection of users' data against future quantum threats. 🖥️ If you're using a compatible browser like Chrome or Firefox, your data is now secured automatically. This is a crucial step to defend against potential “harvest now, decrypt later” attacks. Stay tuned for more updates as 1Password continues to enhance its security measures! #1Password...
Source: 1Password Blog
info@1password.com (Daryl Martin)
2026-03-31 00:00
🔐 New integrations between 1Password Enterprise Password Manager and SaaS Manager enhance access governance for organizations. These features allow IT admins to discover and manage shared and sensitive logins effectively. Key capabilities include vault insights, browser insights, and account risk reporting. With these tools, organizations can better understand app usage, update access during role changes, and maintain compliance records. Explore how these integrations can support your Zero...
Source: 1Password Blog
info@1password.com (1Password)
2026-03-27 00:00
🌐 The RSA 2026 conference focused on the theme: "AI agents are here, and governance needs to catch up." Security experts discussed how to foster a culture of agentic AI while ensuring safety and compliance. Key topics included safeguards for AI and the risks of over-permissioning. 1Password showcased its Unified Access platform, facilitating secure access management for humans and AI. Stay tuned for more insights from RSA! 🔒🤖 #RSA2026 #Cybersecurity #AI #1Password #TechConference
Source: 1Password Blog
info@1password.com (Elaine Atwell)
2026-03-26 00:00
In 2026, 1Password is transforming AI from a software focus to a people-centric approach. 🌟 Our internal AI Champions network plays a crucial role in promoting AI fluency and responsible use across all departments. These champions share use cases, facilitate peer learning, and integrate AI into daily practices. Recent initiatives include a Finance Hackathon that saved team members significant time through automation and engaging conversations on responsible AI use. 1Password is committed to...
Source: 1Password Blog
info@1password.com (Liz Tam and Nadia Kasenda)
2026-03-20 00:00
🔒 1Password and Runlayer have teamed up to enhance security for machine credentials in enterprise environments. By integrating 1Password® Unified Access with Runlayer, businesses can keep their machine credentials secure within 1Password’s vault. This ensures that credentials are resolved only at runtime, minimizing exposure and maintaining a full audit trail. The MCP gateway plays a vital role in managing access for AI agents, preventing secrets from accumulating outside the vault. Learn...
Source: 1Password Blog
info@1password.com (Jeff Malnick)
2026-03-19 00:00
In June 2025, Microsoft addressed a serious zero-click vulnerability in Microsoft 365 Copilot, known as EchoLeak. This flaw allowed attackers to extract sensitive data without user interaction. The incident highlights a crucial point: even with proper authentication and authorization, AI systems can produce harmful outcomes due to how they process untrusted content. Researchers have identified systemic risks related to prompt injection across AI-assisted workflows. As AI systems evolve,...
Source: 1Password Blog
info@1password.com (Jacob DePriest, Nancy Wang, Jeff Malnick)
2026-03-17 00:00
Introducing Automated Provisioning hosted by 1Password! 🚀 This new feature simplifies managing credentials for modern enterprises, addressing challenges like identity sprawl and operational drag. It enables seamless user management without the need for additional infrastructure. Key highlights include: - Enterprise multi-tenancy for tailored access. - Verified emails for enhanced security. - An OAuth-based Users API for efficient SOC workflows. 🔒 These updates aim to strengthen identity...
Source: 1Password Blog
info@1password.com (Allie Dusome)