Snowflake adds Horizon Catalog tools for enterprise AI

Snowflake has introduced new Horizon Catalog features to govern and secure artificial intelligence across enterprise systems. The update is intended to provide a single control framework for managing AI agents, applications and data.

The changes include a new context layer called Horizon Context, added security functions for AI systems, and tighter integration with Adaptive Compute, which Snowflake says will help customers manage fluctuating AI workloads without manual tuning.

Snowflake is addressing a problem that has grown as companies move AI projects from pilot stages into day-to-day operations. Many businesses struggle to keep data definitions consistent across databases, analytics tools and software agents, while also applying security controls designed for human users rather than autonomous systems.

Horizon Catalog is designed to serve as a central catalogue for enterprise data and AI governance. With these additions, Snowflake aims to give data teams, business users and AI agents access to the same business definitions and usage rules, reducing the risk that systems act on conflicting interpretations of key metrics.

Christian Kleinerman, EVP of Product at Snowflake, said the shift to more autonomous AI systems had changed governance and security requirements.

"When intelligence becomes autonomous, trust is no longer an afterthought, it becomes foundational," said Christian Kleinerman, EVP of Product at Snowflake.

"Organisations need AI that operates from trusted business context, with governance and security built in from the start. New advancements across Snowflake Horizon Catalog give every agent, app and team the trusted context and security controls needed to move AI from experimentation into real-world business operations," Kleinerman said.

Shared context

A central part of the announcement is Horizon Context, which is designed to create a common layer of business meaning across data estates. Business logic is often scattered across SQL queries, dashboards and AI tools, making it difficult to maintain a single agreed definition of measures such as revenue, Snowflake said.

The new approach brings together context from databases, data lakes and business intelligence tools so internal teams and software agents work from the same underlying definitions. It also includes Semantic Studio, intended to let analysts define business logic without deep SQL knowledge, and Semantic View Autopilot, which can automatically generate and refine semantic views.

Snowflake said these semantic views and related data agents can also be created for shared datasets, including those distributed through Snowflake Marketplace. The company is also backing the Open Semantic Interchange standard, a move intended to allow business definitions to be used across external AI agents and third-party analytics tools.

BlackRock is among the customers using Horizon Context to support a common data model for AI and analytics, according to Snowflake.

"In the financial industry, trusted data and consistent business context are critical to delivering accurate insights and managing risk across global markets," said Jeff Miller, Managing Director, Global Head of Data Factory & Enterprise Data Platforms at BlackRock.

"As AI becomes increasingly embedded across our enterprise, it is essential that applications, analytics and agents operate from the same trusted understanding of the business. Snowflake's Horizon Context helps extend consistent business definitions across our broader data ecosystem, supporting more trusted and governed AI and analytics experiences at scale," Miller said.

Security focus

Snowflake is also adding security tools designed for AI agents, reflecting concerns that existing access controls do not map well to systems that can retrieve data, reason over it and act with limited human intervention.

Its new Agent Identity feature gives software agents a verified identity before they are allowed to access data or take action, Snowflake said. The company said this would support role-based permissions and produce an audit trail of agent activity.

Further additions to Snowflake Trust Centre are intended to help customers monitor the security posture of AI systems, investigate policy violations and respond to risks with assistance shaped by the context of AI workloads. Snowflake also said it is using central policy controls and machine learning-based detection to address threats including data exfiltration, ransomware and prompt injection.

Several customers are working with Snowflake to assess the new security features, including Acxiom, NewDay and Thomson Reuters.

"As AI becomes increasingly embedded across the marketing industry, having the right security foundations in place is critical to our business scaling innovation responsibly," said Ankur Jain, Chief Cloud and Data Modernization Officer at Acxiom.

"Snowflake's new AI security capabilities have the potential to provide greater visibility and control over how AI systems access and interact with personally identifiable data, helping us scale AI adoption responsibly while maintaining the trust our clients expect," Jain said.

Thomson Reuters also framed the issue as one of oversight as AI becomes more involved in professional work and customer-facing services.

"At Thomson Reuters, responsible AI adoption depends on strong security, visibility and governance around how AI systems interact with enterprise data," said Caitlin Halferty, Head of Data & Analytics at Thomson Reuters.

"As AI becomes more deeply embedded in professional workflows and customer experiences, protecting sensitive information while enabling innovation is critical. Snowflake's new AI security capabilities give us greater control and visibility, helping us scale AI with the trust, compliance and accountability our customers expect," Halferty said.

Compute layer

Snowflake also linked the Horizon Catalog changes to Adaptive Compute, which it said can automatically allocate compute and software resources in real time for AI and application workloads. The company argues that governance and security tools often add friction just as enterprises try to run increasingly unpredictable AI jobs at scale.

By tying governance, security and compute management together, Snowflake is trying to make its platform more central to enterprise AI operations rather than serving only as a data warehouse or analytics environment. The announcement also reflects a wider shift among enterprise software suppliers to build controls for so-called agentic AI, in which software systems are expected to act with greater autonomy.

Snowflake said more than 13,900 customers use its platform globally.