SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Cinematic secure ops center unified access ai devices glowing vault
#
Data Protection
#
Cloud Security
#
MDM

1Password debuts Unified Access to secure AI agents

Wed, 18th Mar 2026
Author image
By Sean Mitchell, Publisher

1Password has launched Unified Access, a platform focused on how credentials and secrets are created and used on devices as companies deploy AI agents and automated workflows across production systems.

The product, Unified Access Pro, is now generally available. It targets security teams that need visibility into access activity across people, machines and AI agents, including when users run tools outside formal IT controls.

Most identity and access tools focus on authentication at the point of login. Unified Access starts at the endpoint, where credentials are stored and used. This reflects a shift in how organisations handle access as AI agents call APIs and run workflows using tokens and secrets in the background.

1Password CEO David Faugno framed the platform as a response to agents operating in live environments. "Agents are now operating inside real production environments," he said. "1Password is deployed on millions of endpoints and protects over 1.3 billion credentials and secrets. As the platform organizations rely on to initiate secure access to applications and infrastructure worldwide, we are uniquely positioned to address the identity and access challenges introduced by agents and machine workloads. Unified Access provides the control plane organizations need to scale AI safely."

Discover, Secure, Audit

Unified Access uses a three-part operating model: discover existing agents and credentials, secure them through controls and continuous authorisation, and audit activity across human and non-human identities.

The discovery features are available now. They cover AI tools and agent activity across endpoints, browsers and local environments. The platform can identify exposed credentials and secrets, including unencrypted SSH keys and plaintext environment files, and map AI usage to specific users and devices.

Security functions are also available now. They include one-click vaulting for exposed secrets, a unified vault for human, agent and machine credentials, and controls for high-risk or shared accounts.

Auditing is marked as "coming soon" and is expected to provide end-to-end visibility into credential access across human and non-human activity. Audit records will show which credential was used, when it was used, by which identity and under whose authority.

Later this year, 1Password plans to add runtime credential issuance for agent and machine workloads to provide scoped credentials and reduce persistent access.

Partner integrations

Unified Access launches with collaborations across AI model providers, developer tools, AI infrastructure and AI-focused browsers, including Anthropic, Cursor, GitHub, Perplexity and Vercel. 1Password also named Natoma, Runlayer and Commvault among organisations working with the platform.

Anthropic will integrate with 1Password to autofill vault items through the Claude browser extension, Cowork and Claude Code. With user consent, Claude will be able to log in to sites and services by filling credentials from 1Password.

OpenAI is also collaborating with 1Password around access to local vault items and developer IDEs, according to the announcement. The scope and timing of any integration were not detailed.

In developer tooling, Cursor, GitHub and Vercel are integrating with 1Password for workflows spanning IDEs, cloud sandboxes and CI/CD pipelines. Hooks are available for Cursor agents and GitHub Actions.

Runlayer and Natoma are described as integrating with 1Password for credential injection into agent sessions. This points to a move toward centralising how agents receive secrets during execution, rather than leaving long-lived credentials scattered across systems and files.

Commvault and 1Password are exploring links between credential hygiene and cyber resilience workflows, focusing on faster identification of exposed credentials and targeted remediation.

Some collaborations focus on AI browsers and runtime environments, including Anchor Browser, Browserbase, KERNEL and Perplexity Comet. The stated aim is to protect secrets used by AI agents in browser contexts, using approaches such as just-in-time access, least-privilege controls and auditability.

Security posture shift

The launch comes as security teams confront "shadow AI", where employees use AI tools or build lightweight agents without central oversight. This can expand the attack surface, especially if credentials are stored in plaintext, checked into repositories, or embedded in configuration files and scripts.

Vercel CISO Talha Tariq said security controls need to sit in day-to-day development work. "As agentic coding tools become part of how modern teams build and ship software, security needs to integrate directly into the developer workflow," he said. "Through our partnership with 1Password, we're making it easier for developers to access credentials securely within the tools and environments they already use, so they can move quickly without compromising on sound security practices."

Runlayer CEO Andrew Berman also highlighted the role of credential management as agents take actions across systems. "Runlayer is the agent control plane for the enterprise, providing the security, governance, and observability organizations need to deploy AI agents in production with confidence," he said. "As agents take real action across enterprise systems, credential management becomes a critical control surface. By integrating with 1Password, we're ensuring that every agent session Runlayer manages has secure, auditable access to the credentials it needs, and nothing more. When security is built into the foundation, organizations stop treating AI adoption as a risk to manage and start treating it as a capability to accelerate."

DigitalOcean connected the issue to broader changes in enterprise threat models. "AI adoption is reshaping our threat model," said Heather Cannon, Director of Security at DigitalOcean. "As an Agentic Inference cloud serving digital and AI native enterprises, we're seeing AI agents become part of everyday workflows. For DigitalOcean, it's no longer only about individuals mishandling credentials. We need clear visibility into which AI systems are operating across our environment. Using Unified Access helps us better understand and govern AI usage to reduce shadow AI risks and securely scale AI adoption."

Related stories
Anthropic launches Claude Opus 4.7 with stronger coding
CIQ launches Linux compliance platform ahead of deadlines
Your.Cloud acquires Pure Cloud Solutions in UK push
Emerson & OPSWAT strike global reseller deal for OT patching
OVHcloud adds Quandela Belenos quantum computer to platform

Top stories

Team Cymru launches Total Insights Feeds for threat data
FIRST conference highlights AI & CVE disclosure push
Protegrity launches AI Team Edition for secure inferencing
CERN joins OpenSearch foundation as associate member
OpenAI launches Trusted Access for Cyber with major names