TLDR: SANTA CLARA, Calif.āSnowflake will buy Natoma, a startup providing a permissions gateway for AI agents via MCP tool calls. The deal aims to let agents email, search Slack, and update Jira under enterprise security, permissions, and audit controls, if regulators approve. Financial terms were not shared; Snowflake expects Natoma to add 20 employees.
Key Takeaways:
- Snowflake is building an agentic control plane to manage how AI actions run across enterprise systems without breaking security rules.
- CEO Sridhar Ramaswamy says Natoma enforces identity checks, access policies, and audit controls at individual tool calls, enabling actions like emails and Jira tickets.
- If the acquisition closes, Snowflake pushes governed agent actions deeper into everyday SaaS work, tightening observability and policy enforcement for rogue behavior risk.
The pitch is simple: agents should do useful work while staying on a leash you can actually audit. Snowflake is betting that governance will beat chaos, one Slack search and Jira update at a time.
The pitch is simple: agents should do useful work while staying on a leash you can actually audit. Snowflake is betting that governance will beat chaos, one Slack search and Jira update at a time.
Q&A
What does a permissions gateway change for companies that already buy AI tools from multiple vendors?
It centralizes governance around tool calls, so agent behavior can be constrained and logged consistently even when applications and interfaces differ.
Why does enforcing policy at each tool call matter more than pre checking inputs?
Pre checks can miss edge cases, but tool call level enforcement blocks or audits risky actions at the moment an agent interacts with a system.
How might Natoma affect the future rollout of agentic workflows inside Slack and email heavy teams?
It could lower approvals friction by turning routine actions into governed requests, letting teams delegate more work without granting broad, static access.
If Snowflake keeps adding acquisitions, where does integration risk show up first?
In identity mapping, permission models, and observability so users see one coherent interface while security enforcement stays reliable across connectors.
Could this push toward an agent control plane become a competitive moat or a commodity?
It becomes a moat if enterprises trust specific audit and policy enforcement semantics, but could commoditize if many vendors replicate similar governance layers.
No comments yet. Be the first to share your thoughts!