Oso

Oso provides Authorization as a Service, enabling organizations to define and enforce permissions for applications and AI agents.

High-Level Overview

Oso is a technology company that provides developers with a library for authorization, effectively putting security in the hands of the makers by presenting security as code. Its product enables developers to implement and customize authorization logic flexibly, allowing them to focus on rapid development without compromising security. Oso serves enterprises and developers building modern applications, addressing complex authorization challenges, including those posed by AI agents. Its solution enforces least privilege access dynamically, helping prevent over-permissioning and enhancing security posture. Notable customers include Verizon, Intercom, Wayfair, Duolingo, and Productboard, reflecting strong growth momentum and adoption in diverse sectors[1][2].

Origin Story

Founded in 2018, Oso was created to tackle one of the oldest and most difficult problems in computing: authorization—determining who can access what across systems. The company was co-founded by Graham Neray (CEO) and Nick Kucharski (CTO), who brought deep technical expertise to the challenge. The idea emerged from the increasing complexity of authorization in modern software, especially with the rise of AI agents requiring dynamic and fine-grained access control. Early traction came from securing partnerships with major enterprises and building a distributed team headquartered in New York City’s NoMad neighborhood, fostering collaboration and innovation[1][2].

Core Differentiators

• Security as Code: Oso presents authorization as code, giving developers the freedom to shape and extend security policies programmatically.
• Unified Authorization Layer: Supports AI agents, applications, and human users with consistent enforcement of access controls.
• Dynamic Least Privilege Enforcement: Automatically monitors and adjusts permissions to reduce over-permissioning and detect risky behavior.
• Enterprise-Grade Security: Designed with strict security and privacy controls suitable for permission-aware AI workloads and modern architectures.
• Developer-Centric: Provides a flexible library that integrates seamlessly into existing development workflows, emphasizing speed and ease of use.
• Strong Customer Base: Trusted by leading companies across sectors, demonstrating reliability and scalability[1][2].

Role in the Broader Tech Landscape

Oso rides the trend of increasing complexity in software authorization, especially as AI agents become more prevalent and require sophisticated access controls. The timing is critical as enterprises demand scalable, secure, and programmable authorization solutions to manage risk in distributed and AI-driven environments. Market forces such as the rise of cloud-native architectures, zero-trust security models, and regulatory pressures favor solutions like Oso’s that embed security deeply into development processes. By enabling developers to own security as code, Oso influences the broader ecosystem toward more secure, agile software development practices[1][2].

Quick Take & Future Outlook

Looking ahead, Oso is well-positioned to expand its influence as AI adoption grows and authorization complexity intensifies. Trends such as AI governance, dynamic access control, and security automation will shape its product evolution. The company’s focus on developer empowerment and enterprise readiness suggests continued growth and deeper integration into modern software stacks. Oso’s approach could become a standard for how authorization is implemented in the future, reinforcing its role as a critical enabler of secure, scalable, and flexible application development[1][2].