Add source Login
The authorization problem that could break enterprise AI

The authorization problem that could break enterprise AI

When an AI agent needs to log into your CRM, pull records from your database, and send an email on your behalf, whose identity is it using? And what happens when no one knows the answer? Alex Stamos, chief product officer at Corridor, and Nancy Wang, CTO at 1Password joined the VB AI Impact Salon Series to dig into the new identity framework challenges that come along with the benefits of agentic AI. "At a high level, it’s not just who this agent belongs to or which organization this agent belongs to, but what is the authority under which this agent is acting, which then translates into authorization and access," Wang said. How 1Password ended up at the center of the agent identity problem Wang traced 1Password's path into this territory through its own product history. The company started as a consumer password manager, and its enterprise footprint grew organically as employees brought tools they already trusted into their workplaces. "Once those people got used to the interface, and really enjoyed the security and privacy standards that we provide as guarantees for our customers, then they brought it into the enterprise," she said. The same dynamic is now happening with AI, she added. "Agents also have secrets, or passwords, just like humans do." Internally, 1Password is navigating the same tension it helps customers manage: how to let engineers move fast without creating a security mess. Wang said the company actively tracks the ratio of incidents to AI-generated code as engineers use tools like Claude Code and Cursor. "That's a metric we track intently to make sure we're generating quality code." How developers are incurring major security risks Stamos said one of the most common behaviors Corridor observes is developers pasting credentials directly into prompts, which is a huge security risk. Corridor flags it and sends the developer back toward proper secrets management. "The standard thing is you just go grab an API key or take your username and password and you just paste it into the prompt," he said. "We find this all the time because we're hooked in and grabbing the prompt." Wang described 1Password's approach as working on the output side, scanning code as it is written and vaulting any plain text credentials before they persist. The tendency toward the cut-and-paste method of system access is a direct influence on 1Password's design choices, which is to avoid security tooling that creates friction. "If it's too hard to use, to bootstrap, to get onboarded, it's not going to be secure because frankly people will just bypass it and not use it," she said. Why you cannot treat a coding agent like a traditional security scanner Another challenge in building feedback between security agents and coding models is false positives, which very friendly and agreeable large language models are prone toward. Unfortunately, these false positives from security scanners can derail an entire code session. "If you tell it this is a flaw, it'll be like, yes sir, it's a total flaw!" Stamos said. But, he added, "You cannot screw up and have a false positive, because if you tell it that and you're wrong, you will completely ruin its ability to write correct code." That tradeoff between precision and recall is structurally different from what traditional static analysis tools are designed to optimize for, and it has required significant engineering to get right at the latency required, on the order of a few hundred milliseconds per scan. Authentication is easy, but authorization is where things get hard "An agent typically has a lot more access than any other software in your environment," noted Spiros Xanthos, founder and CEO at Resolve AI, in an earlier session at the event. "So, it is understandable why security teams are very concerned about that. Because if that attack vector gets utilized, then it can both result in a data breach, but even worse, maybe you have something in there that can take action on behalf of an attacker." So how do you give autonomous agents scoped, auditable, time-limited identities? Wang pointed to SPIFFE and SPIRE, workload identity standards developed for containerized environments, as candidates being tested in agentic contexts. But she acknowledged the fit is rough. "We're kind of force-fitting a square peg into a round hole," she said. But authentication is only half of it. Once an agent has a credential, what is it actually allowed to do? Here's where the principle of least privilege should be applied to tasks rather than roles. "You wouldn't want to give a human a key card to an entire building that has access to every room in the building," she explained. "You also don't want to give an agent the keys to the kingdom, an API key to do whatever it needs to do forever. It needs to be time-bound and also bound to the task you want that agent to do." In enterprise environments, it won’t be enough to grant scoped access, organizations will need to know which agent acted, under what authority, and what credentials were used. Stamos pointed to OIDC extensions as the current frontrunner in standards conversations, while dismissing the crop of proprietary solutions. "There are 50 startups that believe their proprietary patented solution will be the winner," he said. "None of those will win, by the way, so I would not recommend." At a billion users, edge cases are not edge cases anymore On the consumer side, Stamos predicted the identity problem will consolidate around a small number of trusted providers, most likely the platforms that already anchor consumer authentication. Drawing on his time as CISO at Facebook, where the team handled roughly 700,000 account takeovers per day, he reframed what scale does to the concept of an edge case. "When you're the CISO of a company that has a billion users, corner case is something that means real human harm," he explained. "And so identity, for normal people, for agents, going forward is going to be a humongous problem." Ultimately, the challenges CTOs face on the agent side stem from incomplete standards for agent identity, improvised tooling, and enterprises deploying agents faster than the frameworks meant to govern them can be written. The path forward requires building identity infrastructure from scratch around what agents actually are, not retrofitting what was built for the humans who created them.

TP-Link’s Tapo 2K outdoor Wi-Fi security cam is now $70 (was $120)

TP-Link’s Tapo 2K outdoor Wi-Fi security cam is now $70 (was $120)

LOWEST PRICE EVER TP-Link Tapo C420S1 Security Cam View Deal It may seem small, but getting a security camera (or several of them) can make your life significantly more tranquil. With good surveillance, you’ll never have to worry when you hear unexpected noises outside your house. Just pull up the app on your phone and check the footage. If you’re ready to equip your own home with one or more such security cams, then today’s your lucky day. Right now, the TP-Link Tapo C420S1 security camera is 42% off on Amazon —that means instead of paying the usual $120 price, you can score it for just $70 . It’s a real deal, by the way, matching the lowest price it’s ever been. This outdoor security camera may be small, but it’s mighty in ability. It captures footage in sharp 2K resolution, and it works well even at night and in other low-light conditions thanks to its sensitive Starlight Sensor (for full color video) plus integrated spotlight. And you won’t have to worry about it surviving outdoor conditions because it comes with robust weatherproofing. It’s also easy to mount using the included screws, and it seamlessly connects to your home Wi-Fi network. Just make sure you set it up in a spot that’s easily reachable because this camera runs on battery power (lasting about 180 days between charges) and you’ll need to take it down to recharge. As for data storage, it supports local storage via microSD cards up to 512GB in size (not included) as well as cloud storage via Tapo Care, which costs $35/year and includes 30 days of video clip history plus some subscription-only features (like rich notifications). This is a great all-around outdoor security camera for people who are new to smart homes and those who are already enthusiasts. With this big 42% discount, now’s a great time to snag one.

Apple scales up its partnership with Save the Music

Apple scales up its partnership with Save the Music

As part of Tim Cook's 50th anniversary visit to New York City, he announced that Apple was going to help grow student music programs by expanding its partnership with Save The Music. Apple and Save the Music help bring music to struggling schools Arts programs are often the first to feel the effects when school funding falls through. And, as the Trump Administration continues to deprioritize arts education , many school music programs are headed for the chopping block. On Tuesday, Apple CEO Tim Cook announced that Apple would be expanding its partnership with Save the Music, a non-profit dedicated to bringing music programs to schools across the U.S. Continue Reading on AppleInsider | Discuss on our Forums

Memo: Satya Nadella says ex-Snap executive Jacob Andreou will lead Copilot for commercial and consumer clients; Mustafa Suleyman will focus on new AI models (Jordan Novet/CNBC)

Memo: Satya Nadella says ex-Snap executive Jacob Andreou will lead Copilot for commercial and consumer clients; Mustafa Suleyman will focus on new AI models (Jordan Novet/CNBC)

Jordan Novet / CNBC : Memo: Satya Nadella says ex-Snap executive Jacob Andreou will lead Copilot for commercial and consumer clients; Mustafa Suleyman will focus on new AI models —  Microsoft said Tuesday that it's bringing together the engineering groups for its commercial and consumer Copilot assistants, which have yet to gain broad adoption.

PC parts prices are brutal right now, so this Skytech RX 9070 XT gaming desktop for $1,649 is worth a serious look

PC parts prices are brutal right now, so this Skytech RX 9070 XT gaming desktop for $1,649 is worth a serious look

Between GPU shortages, RAM prices climbing, and the general cost of PC parts right now, building your own gaming rig has gotten considerably less straightforward than it used to be. The Skytech Gaming O11V makes a compelling case for skipping that process entirely. It’s down to $1,649.99 at Best Buy, a $230 saving off its […] The post PC parts prices are brutal right now, so this Skytech RX 9070 XT gaming desktop for $1,649 is worth a serious look appeared first on Digital Trends .

World launches AgentKit, a software development tool that enables sites to verify that a real human is behind the purchasing decisions of AI shopping agents (Lucas Ropek/TechCrunch)

World launches AgentKit, a software development tool that enables sites to verify that a real human is behind the purchasing decisions of AI shopping agents (Lucas Ropek/TechCrunch)

Lucas Ropek / TechCrunch : World launches AgentKit, a software development tool that enables sites to verify that a real human is behind the purchasing decisions of AI shopping agents —  World, co-founded by Sam Altman, is dedicated to creating what it calls “proof of human” tech—ID verification tools …

New Game Pass Games For March 2026: Resident Evil 7, Like A Dragon: Infinite Wealth, And More

New Game Pass Games For March 2026: Resident Evil 7, Like A Dragon: Infinite Wealth, And More

March has already been a very good month for Game Pass subscribers with the arrivals of titles like Kingdom Come: Deliverance 2 and Cyberpunk 2077 . That momentum will continue through the second half of March as some really terrific titles arrive, including Disco Elysium and Like a Dragon: Infinite Wealth . The newest addition to Game Pass, DreamWorks Gabby’s Dollhouse: Ready to Party , is out today and geared more towards younger players. Barbie Horse Trails will likely appeal to the same demographic when it arrives on Game Pass closer to the beginning of April. Veteran gamers are going to have plenty of options to choose from, including Absolum , one of last year's best beat-'em-ups. For older players, South of Midnight is expanding to Game Pass Premium, and The Alters is also very promising. On the final day of March, Resident Evil 7: Biohazard will allow Game Pass subscribers to revisit the title that started the franchise's move towards first-person horror experiences. Looking ahead to the beginning of April, last year's Game of the Year winner, Clair Obscur Expedition 33 , is coming to Game Pass Premium, and Final Fantasy IV will arrive on all tiers. However, a handful of titles are leaving Game Pass in March , so catch those while you can. You can find the full roundup of March's upcoming Game Pass titles below. DreamWorks Gabby’s Dollhouse: Ready to Party DreamWorks Gabby’s Dollhouse: Ready to Party will be available through Game Pass Ultimate, Game Pass Premium, and PC Game Pass for cloud, PC, and Xbox Series X|S on March 17. South of Midnight South of Midnight is already included with Game Pass Ultimate and PC Game Pass. It will also be available on Game Pass Premium for cloud, PC, handheld, and Xbox Series X|S on March 18. The Alters The Alters is already included with Game Pass Ultimate and PC Game Pass. It will also be available on Game Pass Premium for cloud, PC, and Xbox Series X|S on March 18. Disco Elysium Disco Elysium will be available through Game Pass Ultimate, Game Pass Premium, and PC Game Pass for cloud, PC, and Xbox Series X|S on March 19. Like a Dragon: Infinite Wealth Like a Dragon: Infinite Wealth will be available through Game Pass Ultimate, Game Pass Premium, and PC Game Pass for cloud, PC, handheld, and Xbox Series X|S on March 24. Absolum Absolum will be available through Game Pass Ultimate, Game Pass Premium, and PC Game Pass for cloud, PC, and Xbox Series X|S on March 25. Nova Roma (Game Preview) Nova Roma will be available as a day one preview through Game Pass Ultimate and PC Game Pass for PC on March 26. The Long Dark The Long Dark will be available through Game Pass Ultimate, Game Pass Premium, and PC Game Pass for cloud, PC, and Xbox Series X|S on March 30. Resident Evil 7: Biohazard Resident Evil 7: Biohazard will be available through Game Pass Ultimate, Game Pass Premium, and PC Game Pass for cloud, PC, and Xbox Series X|S on March 31. Barbie Horse Trails Barbie Horse Trails will be available through Game Pass Ultimate, Game Pass Premium, and PC Game Pass for cloud, PC, handheld, and Xbox Series X|S on April 2. Clair Obscur Expedition 33 Clair Obscur Expedition 33 is already on Game Pass Ultimate and PC Game Pass. It will be available through Game Pass Premium for cloud, PC, handheld and Xbox Series X|S on April 2. Final Fantasy IV Final Fantasy IV will be available through Game Pass Ultimate, Game Pass Premium, and PC Game Pass for cloud, PC, and Xbox Series X|S on April 7.