/f/233941/1600x900/8eebc2af94/apono-wh-website.png)
1Password’s acquisition of Apono points to where identity security is heading: access granted at the moment of need, scoped to the task, and revoked the moment the work is done.
Most security incidents begin not at the front door, but in what happens after it. Credentials prove who an identity is. They say little about what that identity should be able to reach, when, and for how long. Over time, permissions accumulate. Access granted for a one-off task is rarely taken back. The result is standing access: a quiet, growing liability sitting inside almost every enterprise.
That liability has become harder to ignore. Cloud infrastructure, service accounts, and now AI agents have multiplied the number of identities operating inside enterprise systems, most of them non-human, many acting autonomously. Each one needs access to do useful work. Few organisations can say precisely what each can reach, or revoke it cleanly once the work is done.
Apono was built for that problem. Its cloud-native platform grants access dynamically, the moment it is needed, scopes it to the specific task, monitors activity continuously, and revokes privileges automatically once work is complete. It integrates with more than 200 enterprise systems, including Amazon Web Services, Microsoft Azure, Google Cloud, Kubernetes, Snowflake, and Databricks, and applies one approach across human, machine, and AI agent identities.
The founders frame the problem plainly. Rom Carmel, co-founder and chief executive, describes standing access as “the quiet liability inside almost every company”: permissions that are granted once and never withdrawn. Apono’s answer is to make access decisions at runtime, based on context and intent, so that security stops slowing people down and instead gives them the confidence to put AI to work.
The category is moving quickly in this direction. As enterprises adopt AI and the number of non-human identities surges, access governance has become one of the defining problems in identity security. The model Apono pioneered, zero standing privilege paired with just-in-time access, is becoming foundational, and the largest players in the market are now building toward it.
Vertex’s perspective
Vertex Ventures Israel backed Apono in its 2025 Series B, in a round led by General Partner Tami Bronner, who had followed the company and its founders closely in the years before investing.
“The category is shifting fast toward dynamic, context-aware access, especially as AI agents become part of every environment. Apono is exactly where identity security is heading, and Zero Standing Privilege is becoming foundational.” — Tami Bronner, General Partner, Vertex Ventures Israel
On 15 June 2026, 1Password announced its acquisition of Apono, at a transaction value of over US$200 million. The deal brings Apono’s access governance into 1Password’s Unified Access platform, extending it from credential management to runtime access control across every human, machine, and AI identity.
The acquisition places Apono’s technology inside a platform already trusted by more than 180,000 businesses, at a moment when the question of what an identity can do, and for how long, is becoming central to enterprise security. As AI agents move into production, that question will only grow more pressing, and the answer Apono built for it now reaches a far larger stage.