A Stytch in time: Connected Apps untangles authorization tie-ups for AI agents - Related to discovery, stay, design, tie-ups, agents

A Stytch in time: Connected Apps untangles authorization tie-ups for AI agents

AI agents are set to change ID authorization: As they integrate behind the scenes, they will need to move seamlessly between different apps on our behalf, and not get continually halted by login screens, lest they become cumbersome.

“Every app, or almost every app, will need to function as its own identity provider in the future,” Reed McGinley-Stempel, CEO of authorization platform Stytch, told VentureBeat.

This requires a different approach to permissioning, one that supports sophisticated AI workflows while also protecting sensitive proprietary and personal data. Stytch’s new Connected Apps is aimed at this: The platform allows any SaaS organization to become its own identity provider (IdP), ultimately enabling AI agents and third-party apps to securely authenticate, access data and take action on behalf of people.

“AI agents are obviously having a moment,” stated McGinley-Stempel. “You can delegate a task to an agent, and it can allow those other apps that are connected to this core customer or this primary identity provider to have read and write functionality.”.

Since its founding four and a half years ago, Stytch’s main role has been to effectively power “identity handshakes”: The platform enables the “client” side of the handshake with an external identity provider (such as Google or Microsoft) to verify user identity, share information like emails and names and allow for a simple login.

Now with Connected Apps, Stytch clients can make the data within their apps accessible to other apps (both from a read and a write perspective). Third-party apps and agents can verify user identity, receive information and act on behalf of individuals in a permissioned way (AI agents), and login states can be shared between apps and systems.

As McGinley-Stempel put it: “You can support an app ecosystem.”.

He pointed to the rise of “unsanctioned agentic access” — for instance, he personally has connected OpenAI Operator to his Twitter and LinkedIn profiles to occasionally do certain things on his behalf.

“One of the problems with that is from a security and privacy and consent management level, it’s giving complete, broad-range access to these agents,” he conceded.

With Connected Apps, the goal is to be more “programmatically secure” so that admins have a control pane and can properly manage permissions and refresh or revoke tokens as needed, he explained.

“Because even though I want that productivity gain, I also need the ability to revoke access if I don’t think a certain app should be connected,” noted McGinley-Stempel. “That’s really critical to have these powerful permission and consent modules in the B2B case, which we provide out of the box as a UI.”.

The platform also supports secure session sharing. Cross-domain login capabilities, for instance, allow consumers to “carry their identity across different domains,” he explained — like when you’re logged into Gmail and navigate to YouTube, which already recognizes you without requiring your credentials.

“You become an identity provider to allow for a secure session, swapping and sharing across these different sub-domains,” he stated. This is particularly useful when enterprises are looking for effective integrations among multiple brands.

Similarly, Stytch’s Connected Apps allows for cross-device sign-in capabilities — like when you’re logged into Netflix on your TV and are given a QR code to authenticate on your mobile.

Providing human oversight (but avoiding push-notification fatigue).

Connected Apps is built on OAuth protocol OpenID Connect (OIDC) and incorporates consent and access management, human-in-the-loop authorization and standards-driven architecture to help protect sensitive B2B data.

McGinley-Stempel emphasized the importance of human authorization in the agentic AI era. For instance, if a user grants an AI agent access to, say, draft emails around specific topics to specific clients, they typically still want final approval. To that end, the platform supports APIs that provide in-app and in-email push notifications before AI takes action on anything.

At the same time, though, more sophisticated and mature AI agents will eventually be completing multiple chains of events on a user’s behalf. This requires a more nuanced approach so that customers don’t get frustrated by “push-notification overload,” McGinley-Stempel noted. Connected Apps allows for batch processing of what could become overly noisy authorization requests — customers can review a full chain of thought and approve specific permissions.

“It’s pretty annoying if it can’t batch those requests for you to review all at once; you’re just in a queue all day,” he pointed out.

Ultimately, while AI agents are drawing both enthusiasm and skepticism, many enterprises understand they will be everywhere and that they must have an AI strategy in place. “Agents are kind of having that strategic moment,” stated McGinley-Stempel. “Now I have to think about both the user experience and agent experience. How do I actually provide for that?”.

How Crew Finance is using Stytch Connected Apps.

One early adopter benefiting from Connected Apps is Crew Finance. , its head of engineering, the FinTech firm set out to create the “last banking app a family would ever need,” one that bundles services and aspects like opening/closing accounts, paying bills, sending money and adding clients (without the need for clients to visit physical branches).

The app also has built-in kids’ banking experiences — accounts, debit cards, allowance payments, “savings pockets” and, soon, smart charge cards and an investment product to help kids start building credit early.

“As a banking app, providing the ability to link Crew with other financial institutions and apps is critical,” Domino told VentureBeat. But integrating with linking data like Plaid can be a “non-trivial task to accomplish in a secure and compliant way.”.

Stytch was already Crew’s auth-as-a-service provider; Domino explained that he approached them about a connected apps feature and the Stytch team fast-tracked a testing version for them.

Crew has also built an AI agent (fittingly called “Penny”) on top of OpenAI’s ChatGPT API. She serves as a “friendly, helpful, personal financial assistant” that generally teaches about investing and debt; provides deep dives on user-specific spending and saving habits; and visualizes personal financial information with charts and graphs.

In the future, Domino explained, the goal is to use Connected Apps to give Penny the power to act on clients’ behalf outside the Crew ecosystem. “Ask her to pay bills for you, cancel subscriptions, sign you up for advanced insurance — we want every one of our consumers to feel like they have a personal financial assistant at their disposal,” he explained.

Domino emphasized that while AI will be a big part of Crew’s future, the corporation has to ensure it “don’t go too far too fast, beyond what people are comfortable with.”.

“Having a fully AI-automated bank might be a little intimidating for many people for a while,” he expressed. “I don’t know if we’ll ever go that far, but it’s certainly an option.”.

A gaming PC can do a lot when it comes to graphics, but your desktop computer is nothing without a solid monitor backing it up. When it comes to PC ga......

Flipkart also claimed that the FLA programme, since its inception in 2022, has supported over 20 startups across sectors such as deeptech, fintech, he......

AI vs. endpoint attacks: What security leaders must know to stay ahead

Enterprises run the very real risk of losing the AI arms race to adversaries who weaponize large language models (LLMs) and create fraudulent bots to automate attacks.

Trading on the trust of legitimate tools, adversaries are using generative AI to create malware that doesn’t create a unique signature but instead relies on fileless execution, making the attacks often undetectable. Gen AI is extensively being used to create large-scale automated phishing campaigns and automate social engineering, with attackers looking to exploit human vulnerabilities at scale.

Gartner points out in its latest Magic Quadrant for Endpoint Protection Platforms that “leaders in the endpoint protection market are prioritizing integrated security solutions that unify endpoint detection and response (EDR), extended detection and response (XDR) and identity protection into a single platform. This shift enables security teams to reduce complexity while improving threat visibility.”.

The result? A more complex threat landscape moving at machine speed while enterprise defenders rely on outdated tools and technologies designed for a different era.

The scale of these attacks is staggering. Zscaler’s ThreatLabz indicated a nearly 60% year-over-year increase in global phishing attacks, and attributes this rise in part to the proliferation of gen AI-driven schemes. Likewise, Ivanti’s 2024 State of Cybersecurity analysis found that 74% of businesses are already seeing the impact of AI-powered threats. And, nine in 10 executives noted they believe that AI-powered threats are just getting started.

“If you’ve got adversaries breaking out in two minutes, and it takes you a day to ingest data and another day to run a search, how can you possibly hope to keep up?” Elia Zaitsev, CTO of CrowdStrike noted in a recent interview with VentureBeat​.

The new cyber arms race: Adversarial AI vs. defensive AI on the endpoint.

Adversaries, especially cybercrime syndicates and nation-state actors, are refining their tradecraft with AI, adding to their arsenals faster than any enterprise can keep up. Gen AI has democratized how adversaries, from rogue attackers to large-scale cyberwar operations, can create new weapons.

“Even if you’re not an expert, gen AI can create scripts or phishing emails on your behalf,” George Kurtz, CrowdStrike CEO and founder at the recent World Economic Forum, introduced in an interview with CNBC. “It’s never been easier for adversaries. But the good news is, if we properly harness AI on the defensive side, we have a massive opportunity to stay ahead.”.

As Gartner advises: “AI-enhanced security tools should be viewed as force multipliers rather than standalone replacements for traditional security measures. Organizations must ensure that AI-driven solutions integrate effectively with human decision-making to mitigate risks.”.

Etay Maor, chief security strategist at Cato Networks, told VentureBeat that “adversaries are not just using AI to automate attacks — they’re using it to blend into normal network traffic, making them harder to detect. The real challenge is that AI-powered attacks are not a single event; they’re a continuous process of reconnaissance, evasion and adaptation.”.

Cato outlined in its 2024 business highlights how it expanded its secure access service edge (SASE) cloud platform five times in the last year, introducing Cato XDR, Cato endpoint protection platform (EPP), Cato managed SASE, Cato digital experience monitoring (DEM) and Cato IoT/OT Security, all of which aim to streamline and unify security capabilities under one platform. “We’re not just taking share,” stated Shlomo Kramer, Cato co-founder and CEO. “We’re redefining how organizations connect and secure their operations, as AI and cloud transform the security landscape.”.

Unifying endpoints and identities is the future of zero trust. Adversaries are quick to capitalize on unchecked agent sprawl, which is made more unreliable due to a surge in dozens of identities’ data being integral to an endpoint. Using AI to automate reconnaissance at scale, adversaries have an upper hand.

All these factors, taken together, set the stage for a new era of AI-powered endpoint security.

AI-powered endpoint security ushers in a new era of unified defense.

Legacy approaches to endpoint security — interdomain trust relationships, assumed trust, perimeter-based security designs, to name a few — are no longer enough. If any network’s security is based on assumed or implied trust, it is as good as breached already.

Likewise, relying on static defenses, including antivirus software, perimeter firewalls or, worse, endpoints with dozens of agents loaded on them, leaves an organization just as vulnerable as if they had no cyber defense strategy at all.

Gartner observes that: “Identity theft, phishing and data exfiltration are workspace security risks that require further attention. To address these issues, organizations need a holistic workspace security strategy that places the worker at the center of protection and integrates security across device, email, identity, data and application access controls.”.

Daren Goeson, SVP of unified endpoint management at Ivanti, underscored the growing challenge. “Laptops, desktops, smartphones and IoT devices are essential to modern business, but their expanding numbers create more opportunities for attackers,” he mentioned. “An unpatched vulnerability or outdated software can open the door to serious security risks. But as their numbers grow, so do the opportunities for attackers to exploit them.”.

To mitigate risks, Goeson emphasizes the importance of centralized security and AI-powered endpoint management. “AI-powered security tools can analyze vast amounts of data, detecting anomalies and predicting threats faster and more accurately than human analysts,” he stated.

Vineet Arora, CTO at WinWire, agreed: “AI tools excel at rapidly analyzing massive data across logs, endpoints and network traffic, spotting subtle patterns early. They refine their understanding over time — automatically quarantining suspicious activities before significant damage can spread.”.

Gartner’s recognition of Cato Networks as a Leader in the 2024 Magic Quadrant for Single-Vendor SASE further underscores this industry shift. By delivering networking and security capabilities through a single cloud-based platform, Cato enables organizations to address endpoint threats, identity protection and network security in a unified manner — which is critical in an era when adversaries exploit any gap in visibility.

Experts agree that AI-powered automation enhances threat detection, reducing response times and minimizing security gaps. By integrating AI with unified endpoint management (UEM), businesses gain real-time visibility across devices, individuals and networks — proactively identifying security gaps before they can be exploited.”.

By proactively preventing problems, “the strain on IT support is also minimized and employee downtime is drastically reduced,” mentioned Ivanti’s field CISO Mike Riemer.

Arora added that, while AI can automate routine tasks and highlight anomalies, “human analysts are critical for complex decisions that require business context — AI should be a force multiplier, not a standalone replacement.”.

To counter these threats, more organizations are relying on AI to strengthen their zero-trust security frameworks. Zero trust comprises systems that continuously verify every access request while AI actively detects, investigates and, if necessary, neutralizes each threat in real time. Advanced security platforms integrate EDR, XDR and identity protection into a single, intelligent defense system.

“When combined with AI, UEM solutions become even more powerful,” expressed Goeson. “AI-powered endpoint security tools analyze vast datasets to detect anomalies and predict threats faster and more accurately than human analysts. With full visibility across devices, consumers and networks, these tools proactively identify and close security gaps before they can be exploited.”.

AI-powered platforms and the growing demand for XDR solutions.

Nearly all cybersecurity vendors are fast-tracking AI and gen AI-related projects in their DevOps cycles and across their roadmaps. The goal is to enhance threat detection incident response, reduce false positives and create platforms capable of scaling out with full XDR functionality. Vendors in this area include BlackBerry, Bitdefender, Cato Networks, Cisco, CrowdStrike, Deep Instinct, ESET, Fortinet, Ivanti, SentinelOne, Sophos, Trend Micro and Zscaler.

Cisco is also pushing a platform-first approach, embedding AI into its security ecosystem. “Security is a data game,” Jeetu Patel, EVP at Cisco, told VentureBeat. “If there’s a platform that only does email, that’s interesting. But if there’s a platform that does email and correlates that to the endpoint, to the network packets and the web, that’s far more valuable.”.

Nearly every organization interviewed by VentureBeat values XDR for unifying security telemetry across endpoints, networks, identities and clouds. XDR enhances threat detection by correlating signals, boosting efficiency and reducing alert fatigue.

Riemer highlighted AI’s defensive shift: “For years, attackers have been utilizing AI to their advantage. However, 2025 will mark a turning point as defenders begin to harness the full potential of AI for cybersecurity purposes.”.

Riemer noted that AI-driven endpoint security is shifting from reactive to proactive. “AI is already transforming how security teams detect early warning signs of attacks. AI-powered security tools can recognize patterns of device underperformance and automate diagnostics before an issue impacts the business — all with minimal employee downtime and no IT support required.”.

Arora emphasized: “It’s also crucial for CISOs to assess data handling, privacy and the transparency of AI decision-making before adopting such tools — ensuring they fit both the organization’s compliance requirements and its security strategy.”.

Cato’s 2024 rollouts exemplify how advanced SASE platforms integrate threat detection, user access controls, and IoT/OT protection in one service. This consolidation reduces complexity for security teams and supports a true zero-trust approach, ensuring continuous verification across devices and networks.

Conclusion: Embracing AI-driven security for a new era of threats.

Adversaries are moving at machine speed, weaponizing gen AI to create sophisticated malware, launch targeted phishing campaigns and circumvent traditional defenses. The takeaway is clear: Legacy endpoint security and patchwork solutions are not enough to protect against threats designed to outmaneuver static defenses.

Enterprises must embrace an AI-first strategy that unifies endpoint, identity and network security within a zero-trust framework. AI-powered platforms — built with real-time telemetry, XDR capabilities and predictive intelligence — are the key to detecting and mitigating evolving threats before they lead to a full-on breach.

As Kramer put it, “The era of cobbled-together security solutions is over.” Organizations choosing a SASE platform are positioning themselves to proactively combat AI-driven threats. Cato, among other leading providers, underscores that a unified, cloud-native approach — marrying AI with zero-trust principles — will be pivotal in safeguarding enterprises from the next wave of cyber onslaughts.

Walmart’s international net sales jumped more than [website] to $[website] Bn in Q4 2024 from $[website] Bn in the year-ago period.

ZYMVOL raises €3M for computational enzyme discovery and design

ZYMVOL, a biotech corporation focused on computational enzyme discovery and design has raised €3 million Seed funding led by Faber alongside Elaia Partners (existing Pre-Seed investor), and Übermorgen Ventures.

Since its founding in 2017, ZYMVOL has partnered with R&D teams from some of the world’s largest firms to transform their production processes — boosting innovation and reducing environmental impact—through tailored enzymatic solutions.

“Enzymes are tiny chemical factories that are responsible for all transformations in Nature. Zymvol is harnessing their power to deliver clean, sustainable chemical processes to companies striving to improve their products and operations—paving the way for a improved world”, states Maria Fátima Lucas, CEO of ZYMVOL.

Enzymes are biocatalysts, proteins naturally found in living organisms responsible for “catalyzing” (accelerating) millions of chemical reactions. For decades, various industries have used them to improve the properties of their products ([website] detergents with more effective stain-removal power, lactose-free milk, etc), as well as to substitute polluting, traditional catalysts.

Despite an enzyme’s ability to be applied in industrial chemical processes, it must first be engineered to withstand the factory environment, as significant changes in pressure and temperature can render them useless.

But traditional enzyme engineering often requires months or years of lab work, while relying on massive “trial and error” experiments, making it a rather unpredictable and expensive process.

ZYMVOL uses highly realistic computer simulations that mimic the conditions of experiments with over 90 per cent accuracy. This approach drastically reduces development time and cost, allowing only the most promising variants to proceed to lab testing.

Furthermore, the corporation is also able to discover enzymes for a target reaction without prior data. This means opening the door to potential projects that know which target chemical reaction they want to achieve, but don’t know there might be an enzyme for it.

Over the years, ZYMVOL has successfully completed more than 100 projects spanning diverse sectors, primarily in the pharmaceutical and chemical industries, collaborating with global clients such as Axplora, Medichem, and Sanofi.

, Partner at Faber Ventures, while enzymes power innovation across industries, from sustainable manufacturing to pharmaceutical breakthroughs, biocatalysis presents significant challenges — enzyme discovery and engineering remain complex, costly, and time-consuming.

“Zymvol’s advanced computational solutions go beyond improving efficiency; they strengthen industrial resilience, drive sustainable innovation, and shape the future of global production.”.

“Biocatalysts have proven to be an effective solution in reducing emissions and harmful chemicals in industrial production, but they are still under-used due to the complexity of their implementation”, states Maria Fátima.

“With ZYMVOL, we strive to make enzymes accessible to everyone, so green chemistry becomes the new norm."

Take the US, for example. The IEA investigation points to other research showing that the 10 states hosting the most data center growth saw a 10% increase in......

Table of Contents Table of Contents The good news The bad The bottom line.

When it’s the first half of a year, and a new iPhone has been unveiled, yo......

The New York Times has plenty of word games on its roster today — with Wordle, Connections, Strands, and the Mini Crossword, there’s something for eve......