As organizations increasingly deploy AI agents, cloud workloads, and automated services, traditional identity systems are struggling to keep up. Most enterprises still manage credentials, permissions, machine identities, and user access through separate platforms. This fragmentation often leaves organizations with excessive standing privileges—accounts and permissions that remain active long after they are needed—creating opportunities for attackers to exploit forgotten access paths.
1Password is aiming to address that challenge through its acquisition of Apono, an Israeli company specializing in just-in-time access governance. While exact financial terms of the deal were not disclosed ($250M-$300M), the acquisition significantly expands the company’s capabilities beyond credential storage and password management into real-time access control.
The combined platform is designed to manage not only who holds credentials, but also what those identities can access, when they can access it, and for how long.
The acquired technology operates on a dynamic access model. Instead of maintaining permanent permissions, the system evaluates each request in real time and creates temporary access only when required. Permissions are scoped to a specific task and automatically removed once the work is completed. This approach eliminates many of the standing privileges that frequently become security liabilities.
The model applies equally to human users, service accounts, automated workloads, and AI agents. For AI systems, access is linked to the person who authorized the task and limited to the specific objective being performed. The platform continuously monitors activity and can revoke permissions if behavior deviates from the approved intent.
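A generic sketch of the model described in the two paragraphs above, added here as an example: it is not Apono or 1Password code. The `JitBroker` class, its `max_ttl` policy, and the identity and resource names are hypothetical.

```python
import time
from dataclasses import dataclass

@dataclass
class Grant:
    identity: str        # human, service account, workload or AI agent
    authorized_by: str   # person who approved the task
    resource: str
    actions: frozenset   # only what the approved task needs
    expires_at: float
    revoked: bool = False

class JitBroker:
    def __init__(self, clock=time.time, max_ttl=3600):
        self.clock, self.max_ttl = clock, max_ttl
        self.grants, self.audit = [], []

    def request(self, identity, authorized_by, resource, actions, ttl):
        if not authorized_by or not 0 < ttl <= self.max_ttl:
            raise PermissionError("needs a named approver and a bounded lifetime")
        g = Grant(identity, authorized_by, resource, frozenset(actions), self.clock() + ttl)
        self.grants.append(g)
        self.audit.append(("granted", identity, authorized_by, resource))

    def check(self, identity, resource, action):
        for g in self.grants:
            if (g.identity, g.resource) != (identity, resource) or g.revoked:
                continue
            if self.clock() >= g.expires_at:
                continue  # lapsed grants confer nothing; no standing privilege
            if action in g.actions:
                self.audit.append(("allowed", identity, g.authorized_by, action))
                return True
            g.revoked = True  # live grant used outside its approved scope
            self.audit.append(("revoked", identity, g.authorized_by, action))
            return False
        self.audit.append(("denied", identity, None, action))
        return False

def demo():
    now = [1000.0]  # constructed fake clock so expiry is deterministic
    b = JitBroker(clock=lambda: now[0])
    b.request("agent-42", "alice", "orders-db", {"read"}, ttl=300)
    out = [b.check("agent-42", "orders-db", "read")]        # in scope
    now[0] += 301
    out.append(b.check("agent-42", "orders-db", "read"))    # expired
    b.request("agent-42", "alice", "orders-db", {"read"}, ttl=300)
    out.append(b.check("agent-42", "orders-db", "delete"))  # deviation, revoked
    out.append(b.check("agent-42", "orders-db", "read"))    # stays revoked
    return out, [e[0] for e in b.audit]
```

Every decision lands in the audit list with the approving person attached, which is what makes a temporary grant reviewable after it has disappeared.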
The acquisition also complements the company’s newly introduced Credential Broker technology. While the Credential Broker focuses on protecting and delivering credentials securely from a zero-knowledge vault, Apono governs what happens after access is granted. Together, they create a unified framework covering both credential security and runtime authorization.
From a cybersecurity perspective, the combined platform addresses one of the industry’s fastest-growing concerns: managing non-human identities. As AI agents and automated systems gain direct access to cloud infrastructure, databases, development environments, and enterprise applications, controlling privileges becomes as important as protecting passwords.
The result is a single access-governance architecture designed to provide temporary, auditable, and context-aware permissions for every identity operating inside modern enterprise environments.


























