Snowflake to Acquire Natoma to Add Governed Agentic Access for Enterprises

Snowflake said it will acquire Natoma to provide governed agentic access that lets AI agents act across enterprise applications while preserving centralized identity, permissions and auditability.

Snowflake announced intent to acquire Natoma to give organizations a governed way for AI agents to perform actions across enterprise applications. The deal aims to preserve a single point of enforcement for identity, permissions and auditability so agents can execute tasks on users’ behalf without bypassing corporate controls. The companies framed the move as a response to growing operational and security gaps. Many teams have been deploying their own MCP (model context protocol) servers and connecting agents directly to data sources outside IT oversight, creating so-called shadow AI risks and exposing proprietary information. Snowflake noted it already supports more than 13,300 enterprise customers that rely on its policy enforcement, security and access controls.

Snowflake and Natoma said the integration will bring Cortex Code and Snowflake Intelligence into a unified interface for everyday workflows while adding finer — grained governance. The combined offering is intended to attach per-tool and per-action controls and extend accountability across tool calls and cross — application workflows, ensuring each automated step is subject to policy, logging and review. The companies listed practical examples of agentic tasks the platform would govern: summarizing calendars, sending emails, opening tickets, locating documents across storage, updating CRM records and querying enterprise data. For each of these actions, the planned integration is meant to allow administrators to set specific permissions and auditing requirements so automated workflows do not create unmonitored data pathways.

For builders and security teams, the acquisition is pitched as a bridge between usability and enterprise governance. Natoma’s team, which has prior exits to Okta and Google, has focused on making agent tools accessible to non-technical users while meeting the compliance expectations of security organizations. Snowflake emphasized that defining clear boundaries, visibility and audit trails for agents is central to letting customers adopt agentic productivity without adding uncontrolled exposure of sensitive data.