1Password

Your SSO covers a fraction of your actual access surface. The unmanaged layer is growing: new AI tools and SaaS applications that are being trialed daily, shared logins that scatter across browsers, and credentials your identity provider has never seen. It’s this unmanaged stack that creates real risk. Join us on Thursday, May 21st for our live webinar: The Unmanaged Stack: Governing SaaS Apps and AI Tools Outside SSO. We'll cover: 🔹 What IT teams actually find when they get full visibility into apps and credentials outside of SSO (spoiler: most organizations are surprised). 🔹 How to prioritize which unmanaged accounts pose the greatest risk, based on who has access, what information those accounts can reach, and how attackers are targeting them. 🔹 What it takes to bring AI tools under the same governance framework as the rest of your stack. 📅 Thursday, May 21 | 9 AM PDT / 12 PM EDT Register here: https://bit.ly/4dmSFVY #SaaS #ShadowIT #AccessGovernance #IdentitySecurity #AI #1Password

Web Summit Vancouver 2026 brought some of the most important conversations in AI to the stage, and 1Password CTO Nancy Wang was leading them. On Centre Stage alongside Genspark co-founder and COO Wen S., and Emil Protalinski, Editor at Techmeme, Nancy drew a sharp line through the current moment: in under 12 months, organizations went from blocking ChatGPT entirely to handing agents near-godlike admin access, with almost nothing in between. The missing piece isn't more tooling. It's knowing how to give agents exactly what they need and nothing more. And the framing matters: governance and productivity aren't at odds. Bad governance is. Get access design wrong and you're spending months in incident reviews. Get it right, and least-privilege becomes the thing that lets you scale. "Everyone talks about, 'I want autonomous agents.' I don't think they do. I think they want obedient interns with perfect memory and speed." At the AI Summit, Nancy joined Jennifer Smith, Co-Founder & CEO at Scribe, Linda Tong, CEO at Webflow, and John Koetsier, columnist at Forbes, to address the gap between model performance and what organizations are actually getting. The bottleneck isn't the models. It's the missing context layer, the governance gaps, and identity challenges that traditional security frameworks weren't built for. "Agents aren't just machines. They can reason. They're non-deterministic. And so even if they have the right access, the question now becomes: are they actually going to do the right thing? Agents need their own identity and a way to bind intent to that identity so they can be monitored as they get access to sensitive systems." The thread connecting both conversations: trust isn't a feature you add later. It's the architecture.

Heading to #WebSummitVancouver this week? Come join us for what's going to be a candid conversation about building software in the age of AI agents. Three companies, three perspectives, one transition we're all living. AWS Canada's Titi O. is hosting. Rob Woolley and Daleth Hildebrand from Benevity will share how they're scaling the AI-DLC across their engineering org. I'll be sharing how we're embedding AI across the SDLC at 1Password, the friction points nobody talks about, and what we're building next for builders and customers. This won't be a vendor pitch. It's a status report from inside companies going through the same transition you are. See you Wednesday. https://lnkd.in/gvfWHZWV

Nancy Wang, 1Password's CTO, took the New Venture Summit Stage at Web Summit Vancouver today and shared her perspective on what's actually shifting beneath the AI hype. Early AI use cases are being absorbed by foundation models. The real opportunity is moving toward harder, longer-horizon problems, like scientific research, infrastructure, and security, where impact compounds over time. Her take is that conviction matters. Knowing where you're early, and why it matters, is what separates signal from noise. That same mindset shapes how we think about security. AI isn't just changing how work gets done. It's expanding the attack surface in ways most organizations aren't ready for. The companies that get ahead of that won't just be the ones moving fastest. They'll be the ones who build the right foundation first. That's the work we're here for. #AI #IdentitySecurity #WebSummit

1Password has been named to the Rising in Cyber 2026 list. This recognition is determined by direct voting from 150 CISOs and senior security leaders who make real decisions about what actually solves their hardest problems. For us, this validates a core belief: security should strengthen how people work, not get in the way. We focus on securing access wherever work happens today, across SaaS, unmanaged devices, and now human and AI identities. We’re proud to be included alongside companies shaping the future of identity, AI, and security but this momentum is driven by the customers and partners putting these ideas into practice every day. Thank you to the CISOs who voted. We don’t take that trust lightly. 🔗 https://risingincyber.com/

Always a fun time chatting on the Random but Memorable 1Password podcast! I joined Wade Wells to talk about what identity security, password hygiene, and what moving beyond "passwordless" means in 2026. We also talk about credentials/access for AI agents and the tools we're building at 1Password to help. Check it out! https://lnkd.in/eQT5uQdZ

The conversations shaping the future of AI and security are happening at Web Summit Vancouver 2026. 🇨🇦 Nancy Wang, 1Password CTO, is speaking across three stages, bringing perspectives on how to invest in AI with discipline, how to build it right from the start, and what it means for security when your "users" are autonomous agents. Three stages, one through-line: the companies that get this right are the ones who treat identity, access, and accountability as foundational, not as an afterthought. 📍 Tues May 12 | New Venture Summit Stage When Everything Is Signal, What's the Noise? 📍 Wed May 13 | AI Summit Stage AI Isn't Failing; We're Building It Wrong 📍 Wed May 13 | Centre Stage When Software Becomes a User Session links in the comments👇 See you in Vancouver! #WebSummit #1Password #Cybersecurity #AI

AI agents rewrote 3,000+ call sites in our codebase in hours. But speed wasn't the hard part. As Tido Carriero, VP of Engineering at Cursor, put it: "The pattern that works is using agents to produce deterministic artifacts, then forcing execution through those constraints. For instance, in Cursor, we see lots of customers use Plan Mode with a bigger, slower model (like GPT5.4 or Opus) to produce a concrete plan.md file, edit the file as needed, and then actually build with a smaller, faster model that is excellent at coding." At 1Password, we tested this on B5, our multi-million-line Go monolith. Here's what we learned: 🔹 Agents are most effective when the problem is fully specified. When they hit ambiguity, they fill in the gaps, often in ways that look reasonable but aren't. 🔹 Use agents to build deterministic tools first (analyzers, manifests, plans), then constrain the agents to execute against those outputs only. 🔹 Parallelism only works when isolation has already been solved. Otherwise you're increasing inconsistency, not reducing time. The real work is specifying the problem clearly enough that agents can't go wrong. Read the full breakdown: https://bit.ly/4uudbe5 #AI #SoftwareEngineering #AgenticAI #DevTools #1Password

Managing multiple client environments often means repeating the same manual work for every new client: policy setup, access configuration, and seat tracking. That repetition slows onboarding and introduces inconsistencies. We're addressing that with three new capabilities in 1Password Enterprise Password Manager – MSP Edition: 🔹 Policy Templates: Define security and access policies once, apply them across all managed companies, and update centrally. Enforce a consistent security baseline from day one, with the flexibility to control what clients can or cannot override. 🔹 Seat Limits: Set maximum user counts per client to align usage with contracted agreements, prevent unplanned overages, and keep margins predictable. 🔹 Granular Vault Permissions: Give technicians access to only the vaults they need, by role or specific vault, supporting least-privilege access across every client environment. Together, these features reduce repetitive setup, improve consistency, and give MSPs greater control over client onboarding and ongoing management. Existing customers can access these features now through the MSP console. New MSPs can explore them free with a 14-day trial. Learn more: https://bit.ly/3QYdnE2 #MSP #ManagedServices #Cybersecurity #PasswordManagement #1Password