Skip to main content
AI & Machine Learning

Snowflake Bolsters AI Security with Natoma Acquisition

Person working on laptop in modern office with dashboard on screen.

"With Natoma, users can do things like send emails, summarize Slack conversations, check calendars, and open Jira tickets without ever leaving Snowflake Intelligence or Coco," Sridhar Ramaswamy said during Snowflake's first‑quarter fiscal 2027 earnings call.

Sridhar Ramaswamy on the "agentic control plane"

On the earnings call Snowflake's CEO framed Natoma as a "critical piece" of a broader strategy he called the "agentic control plane" — an architecture where AI agents are permitted to take actions across business systems while "still operating within the organization’s security controls." Ramaswamy emphasized not only convenience but control, saying the actions made available through the integration will occur "from a governed environment with enterprise security, permissions, observability, and policy enforcement built in."

How Natoma's MCP gateway enforces control

Natoma provides a gateway for Model Context Protocol (MCP) servers — connectors that let AI agents interact with external software tools. The platform enforces identity verification, access policies, and audit controls at the level of individual tool calls, tracking who requested an action, what permissions they hold, and whether the system should allow the action to proceed. Ramaswamy framed MCP and Natoma together as bringing "the entirety of SaaS application context" into agentic products so agents can both pull deeply contextual information and take actions such as flagging someone, composing and sending emails, or taking steps inside underlying applications.

Integration with Snowflake Intelligence and Coco (Cortex Code)

Ramaswamy said the Natoma integration will extend Snowflake's agentic control plane "beyond data and development workflows into everyday applications where work actually happens." He described a single interface encompassing Snowflake's Cortex Code (referred to as "Coco") and Snowflake Intelligence, enabling tasks such as querying enterprise data, updating CRM records, searching file storage, and managing communications without leaving Snowflake products. Mayank Upadhyay, Snowflake's chief security and trust officer and VP of engineering, wrote that the tool already helps summarize his unread emails, search Slack and Google Drive when he cannot remember where something was shared, and "surfaces what he needs without switching between applications."

Natoma founders and the startup's thesis

In a blog post the company’s four founders — Pratyus Patnaik, Will Potter, Zachary Hart, and Paresh Bhaya — said they started Natoma in 2024 with the belief that "AI agents would fundamentally change how work gets done inside enterprises, but they would only reach production if organizations could trust and control how those agents access data, use tools, and take action." They wrote that Natoma supplies the "secure connectivity, identity, and governance layer" that lets Snowflake experiences "extend safely into the applications their teams already use," and that Snowflake "sees the same future we’ve been building for at Natoma."

Snowflake's recent dealmaking and the AWS agreement

Financial terms for the Natoma acquisition were not announced. If it passes "customary regulatory and closing conditions," the deal would bring 20 employees to Snowflake. The transaction is Snowflake's sixth acquisition announcement since June 2025: the company said then it would buy PostgreSQL provider Crunchy Data — a deal a source told CNBC was $250 million — and later announced purchases of database migration outfit Datometry and data discovery platform Select Star in November 2025 (no sale prices provided for those two). In January, Snowflake said it would buy Observe, an AI‑powered observability platform, for $1 billion, and in February the company said it planned to buy TensorStax, an AI‑powered data pipeline planner. The Natoma announcement arrived the same day Snowflake signed a five‑year, $6 billion agreement with AWS centered on Graviton‑powered compute and AI infrastructure intended to support its growing agentic AI ambitions.

What this means for technologists, procurement leaders, and security teams

  • Technologists and security teams: Natoma enforces identity verification, access policies, and audit controls at the level of individual tool calls — the specific controls teams will need to validate as they integrate agentic workflows into Slack, Google Drive, Jira, CRM systems, and other SaaS tools.
  • Procurement and IT leaders: The addition of Natoma — and the concurrent five‑year, $6 billion AWS agreement — will be a procurement consideration, combining a gateway for agent actions with substantial cloud compute commitments and a string of recent Snowflake acquisitions that collectively aim to expand agentic capabilities into everyday applications.
  • Enterprise users and product managers: Snowflake frames the integration as a way to reduce context switching by letting users perform routine tasks from a governed environment inside Snowflake Intelligence or Coco, but the promise will depend on how well the announced governance, observability, and policy enforcement work in practice.

Snowflake presents Natoma as the layer that can let AI agents act across applications while preserving enterprise controls. The company has not disclosed purchase price, and the deal remains subject to customary regulatory and closing conditions. Whether the combination of MCP, Natoma's gateway, and Snowflake's suite of AI products will deliver the controlled, cross‑application automation Ramaswamy promises is now a test that customers, security teams, and the market will be watching.

Source