Snowflake buys Natoma to help freeze out rogue agents

It's 8 pm. Do you know where your agents are? Snowflake plans to buy Natoma, a startup that has made a gateway for managing AI agent permissions across enterprise applications, so users can focus on getting work done without wondering if their agents have violated security policies.During Snowflake's first-quarter fiscal 2027 earnings call, company CEO Sridhar Ramaswamy said Natoma is a critical piece of the company's broader strategy around what he called the "agentic control plane," where AI agents can take actions across business systems while still operating within the organization’s security controls. "With Natoma, users can do things like send emails, summarize Slack conversations, check calendars, and open Jira tickets without ever leaving Snowflake Intelligence or Coco," Ramaswamy said during the call, referring to two of Snowflake's AI products. “The important point is not just convenience. It is control. These actions happen from a governed environment with enterprise security, permissions, observability, and policy enforcement built in.”

Natoma’s software acts as a gateway for Model Context Protocol (MCP) servers, connectors that allow AI agents to interact with external software tools. The platform enforces identity verification, access policies, and audit controls at the level of individual tool calls, tracking who requested an action, what permissions they hold, and whether the system should allow the action to proceed.