Customer Story
How Instacart is using AI to achieve zero standing privileges
Challenges
- Long-lived privileged access creating security vulnerabilities
- Manual, manager-based approval for privileged access was inefficient and lacked context
- No centralized view or control of access to critical apps and infrastructure
Results
- 100% of privileged access moved to automated, policy-based JIT access
- Valuable engineering time freed up by automation of approval tasks
- Fine-grained visibility and access control across a globally distributed workforce
Shaping a better future with technology
Instacart, the leading grocery technology company in North America, has a tech-first approach to problem solving embedded in its DNA. Since its start in 2012, the company has pushed technological innovation to create intuitive online shopping experiences, e-commerce products, and services for shoppers and retailers. Employees in all departments are encouraged to think beyond what’s possible today and explore the potential of emerging technologies to transform the future—whether that’s the future of grocery shopping, consumer health outcomes, or—in the case of the infrastructure security team—enterprise cybersecurity.
Infrastructure Security Team Leader Matthew Sullivan joined Instacart in 2022, just as the company was preparing to go public. Matt was charged with ensuring Instacart had the proper internal controls in place to meet the Sarbanes-Oxley (SOX) regulations all publicly traded companies must comply with. Previous stints as a red teamer and a security product manager gave Matt a unique practitioner/builder perspective on the compliance challenge—embracing Instacart’s tech-first mandate, he saw a chance to reimagine how the company secured its data: “I realized we could do much more than the bare minimum needed to be compliant. We could build something we were truly proud of that actually moved security forward.”
Innovating a path to zero standing privileges
“Identity is at the foundation of cybersecurity in the modern cloud and SaaS era,” Matt says. “Infrastructure security is 90% identity security at this point.” The more Instacart could limit the number of users with privileged access at any given time, the more secure the company would be. Matt’s vision was to move all of Instacart’s privileged entitlements to just-in-time (JIT) access, which restricts access to only the time necessary to perform job functions. Enforced consistently, JIT access would allow the company to get to zero standing privileges (ZSP) and significantly lower their overall vulnerability. “With just-in-time access, we can greatly reduce our blast radius if something happens,” says Matt.
It was an ambitious goal. While the concept is straightforward, JIT access can be tricky to implement without negatively impacting productivity. “We needed to make sure it wouldn’t slow people down. Typically you would use manager approval for just-in-time access requests, but we didn’t want people putting in requests and having to wait for somebody with the time and context to understand and approve them,” Matt says. “We wanted to make it as automated as possible.”
Added to the inherent challenges of implementing JIT access was the complexity of Instacart’s access environment, which comprises multiple cloud-based infrastructure providers like AWS, GCP, and Snowflake, internal applications overseen by disparate business groups, and a workforce made up of remote employees, contractors, and overseas teams. Also, the company’s nimble, fast-moving tech culture means cross-functional experts regularly come together to work on new products and features, requiring access that doesn’t always align neatly to their role or department.
Matt didn’t have infinite resources at his disposal to efficiently enforce JIT access in this environment, so he had to get creative. “Instacart has a fairly small security team with a wide mandate,” he explains. “So we have to be scrappy and startup minded in the ways we operate.”
Establishing a modern identity governance foundation
Matt’s first priority was to find an access control tool that would allow him to automate as much of the JIT request and provisioning process as possible. The right solution would help the team centralize control of access across Instacart’s infrastructure and support an engineering-oriented approach to access control.
At the time Matt was hired, Instacart was mid-contract with a legacy identity governance and administration (IGA) platform that had yet to be successfully implemented. Matt was familiar with the platform and knew it didn’t have the flexibility or developer tooling he needed—and Instacart didn’t have the time or budget to resuscitate what was already a too-expensive, failed deployment. Matt needed a much more nimble solution based on newer tech that he could get up and running quickly. He abandoned the legacy contract and began looking at younger players in the identity governance space.
“Other vendors didn’t seem to get the nuance of what we wanted to do,” Matt recalls. “ConductorOne stood out because of the depth and experience of the leadership and team. It’s built by security engineers who understand that identity security problems are fundamentally engineering problems.”
The first thing Matt set up in ConductorOne was access request automation for one of the infrastructure team’s administrative roles. “I clicked through the user interface to get it set up, and in about ten minutes, I was done. I kind of couldn’t believe it. It seemed too easy,” Matt says, laughing. “But when my employees started using ConductorOne, that’s when I knew we’d found the right vendor. I heard things like, ‘This is easy. I love that there’s a Slack bot. It’s so simple to use.’ I was afraid to roll out a new tool across the company because we have people of varying technical skill levels. The power of ConductorOne is that if anyone has used a computer before, they’re going to be successful requesting access.”
Matt’s next step was hiring Dominic Zanardi, now Senior Software Security Engineer II at Instacart, to help maximize ConductorOne’s potential. “I took a look at ConductorOne’s API endpoints, I saw there was a Terraform provider, and I knew we could rapidly iterate on a new type of identity program,” Dom recalls. “With ConductorOne setting the baseline, we could build automation in spaces that some people hadn’t even discovered yet.”
Automating JIT access with conditional policies
“One of ConductorOne’s most powerful features is the policy engine. We can write simple or complex policies that allow us to really tailor access,” Matt says, describing how ConductorOne’s flexible conditional policies have made it possible for Instacart to move 95% of their privileged permissions to automated just-in-time access.
“There can be literally 30 lines of conditions—that’s how complex some of our policies are,” Dom says. For example, because Instacart employees are encouraged to use AI, people in multiple kinds of roles in departments across the globe may request access to machine learning resources—so the policy governing access to those resources must account for all kinds of variables, including geographically based data segregation rules. “If a human had to go through 30 lines of conditions to approve access, it would take forever,” Dom points out. “With the power of ConductorOne’s conditional policies, we can auto-approve. People get the access they need right away—without the risk of human error providing inappropriate access.”
Dom has configured all of Instacart’s access policies as code using ConductorOne’s Terraform provider, which automates the creation and modification of comprehensive access rules that build oversight directly into the JIT auto-approval process. Using Terraform, Dom is able to apply the right policies across thousands of permissions in critical applications like AWS, GCP, and Snowflake, as well as in internal apps and infrastructure, in a fraction of the time of manual configuration.
Instacart now has close to 100 policies in production applied across departments, teams, and subteams. The ability to codify at scale the exact criteria IT and security use to grant access has benefited the entire company in the form of fewer helpdesk requests, streamlined audits of SOX and SOC 2 controls, and fast and easy self-service access for more employees.
Privileged access at Instacart is now capped at a maximum of 90 days—and in many cases, access is much shorter lived. The 90-day cap has effectively eliminated the need to run quarterly access reviews. However, as Matt says, “that doesn’t mean we’ve removed oversight. The configurations we’ve made, the code describing how somebody gets their access—all of that is reviewed by account owners on a quarterly basis. We’re frontloading oversight so it doesn’t have to be done manually for every single request. We’ve got great security—and way better efficiency.”
Matt and Dom were naturally a bit nervous the day they flipped the switch, revoking long-lived access rights and requiring employees to request JIT access going forward. “I’m passionate about making sure the experience of security isn’t a bad one, that it’s not impeding people’s ability to get their work done,” says Matt. But they had nothing to worry about—between ConductorOne’s intuitive UI and well-built policies, everyone got the access they needed.
“The fact that we rolled this out at a company of our size with no hiccups was huge,” says Dom. And Instacart employees are big fans of the new JIT program. “We hear compliments constantly about the fact that tickets don’t sit waiting for approvals anymore,” Matt says.
How have auditors responded to Instacart’s JIT access program? “Because our policies are code, they go through our standard CI/CD checks,” explains Matt. “Our auditors are already OK with those checks for the rest of the code Instacart ships every day, so when we walk them through how we’ve configured our policies in ConductorOne, they come on board.”
“Many security engineers today encounter auditors who might not understand all of the evidence that’s provided,” adds Dom. “But ConductorOne enables us to build naturally readable policies that auditors can easily understand and approve.”
While conditional policies got Instacart most of the way to their goal, there remained a few highly sensitive entitlements that still required manual manager approval for JIT access. “For most companies, getting to 95% automation would have been enough,” Matt laughs. “But I’m a perfectionist.”
Using AI to get to 100% JIT access automation
Generative AI is not yet reliable enough to trust with objective access approval decisions, but it’s excellent at processing large amounts of information quickly and recognizing patterns. Matt and Dom hypothesized that an AI bot could be programmed to parse Instacart’s large amounts of identity and access data—now all centralized and accessible in ConductorOne—to inform sensitive JIT-access decision-making.
So they set about building it. In a talk at BSides Las Vegas this year, Matt and Dom introduced Gadjit—their open-source LLM-powered security bot framework designed to automate analyzing and taking action on access requests—and demonstrated to the audience how they’ve put it to use at Instacart.
Here’s how Gadjit works: When a JIT access request requiring manager approval is made in ConductorOne, Gadjit is triggered and begins sifting through information relevant to the request. “Our bot is powered by ConductorOne data,” explains Matt. “It pulls all the context about an entitlement’s description, its risk levels, and other people who have the entitlement—all through ConductorOne’s API.”
Gadjit leverages the power of large language models (LLMs) to read and interpret the identity data in ConductorOne and determine how well the requester’s attributes line up with both the description of the entitlement and the attributes of other people who hold that entitlement. The bot then uses straightforward computation to score the likelihood that, based on the data, the requester is legitimate and can be safely granted access. If the score is over a predetermined threshold, Gadjit approves the request and access is automatically provisioned through ConductorOne.
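The decision step described above, as an added illustration that is not Gadjit’s or ConductorOne’s own code: it models a request as requester attributes, an entitlement as its risk level, description terms, current holders, and an optional data-segregation rule, and returns an auditable approve/escalate/deny record. The LLM comparison is replaced by plain attribute and keyword overlap so it runs offline; the names `Entitlement`, `evaluate`, `THRESHOLDS`, the 0.6/0.4 weights, the per-risk thresholds and all sample data are assumptions.

```python
# Added example, not Gadjit's or ConductorOne's code: a simplified model of the
# scoring step described above. The LLM comparison is replaced by attribute and
# keyword overlap so it runs offline; names, weights, thresholds and sample data
# are all assumed/constructed.
from dataclasses import dataclass
from typing import Optional

THRESHOLDS = {"low": 0.5, "medium": 0.7, "high": 0.85}  # assumed: riskier needs a higher score
ATTRS = ("department", "team", "title", "region")        # attributes compared with holders

@dataclass
class Entitlement:
    name: str
    risk: str                    # "low" | "medium" | "high" (the IGA's risk level)
    description_terms: set       # terms drawn from the entitlement description
    holders: list                # attribute dicts of people who already hold it
    required_region: Optional[str] = None  # data-segregation rule, if any

def peer_similarity(requester: dict, holders: list) -> float:
    """Average fraction of ATTRS the requester shares with each current holder."""
    if not holders:
        return 0.0
    matches = sum(sum(1 for a in ATTRS if requester.get(a) == h.get(a)) for h in holders)
    return matches / (len(holders) * len(ATTRS))

def description_fit(requester: dict, terms: set) -> float:
    """Fraction of description terms found in the requester's attributes/justification."""
    text = " ".join(str(v) for v in requester.values()).lower()
    return sum(1 for t in terms if t.lower() in text) / len(terms) if terms else 0.0

def evaluate(requester: dict, ent: Entitlement) -> dict:
    """Return an auditable decision record: approve, escalate to a human, or deny."""
    # Deterministic guardrails run before any scoring.
    if ent.required_region and requester.get("region") != ent.required_region:
        return {"decision": "deny", "score": 0.0, "reason": "region mismatch"}
    if not ent.holders:
        return {"decision": "escalate", "score": 0.0, "reason": "no peers to compare"}
    score = round(0.6 * peer_similarity(requester, ent.holders)
                  + 0.4 * description_fit(requester, ent.description_terms), 3)
    threshold = THRESHOLDS[ent.risk]
    decision = "approve" if score >= threshold else "escalate"
    return {"decision": decision, "score": score, "reason": f"threshold {threshold}"}

# Constructed sample data.
ML_ADMIN = Entitlement(
    name="ml-platform-admin", risk="high",
    description_terms={"machine learning", "platform", "engineer"},
    holders=[{"department": "Engineering", "team": "ML Platform", "title": "Staff Engineer", "region": "US"},
             {"department": "Engineering", "team": "ML Platform", "title": "Senior Engineer", "region": "US"}],
    required_region="US",
)
```

The record returned by `evaluate` is what would be written to the audit log alongside the request, so every auto-approval carries its score and the rule or threshold that produced it.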
The ability to assess large amounts of contextual data is key to Gadjit’s accuracy—which in testing is consistently nearly 100%. As Dom says, “It’s important to have a platform that provides the right kind of information for the bot to make the correct decision. Having all the data from our IdP, HRIS, cloud infrastructure and services like AWS, GCP, and Snowflake, and internal applications in ConductorOne really makes the difference in the bot’s success.”
When people are skeptical about using an AI bot to do access requests, Matt points out the prevalence of rubber-stamping. “What is it up against? It’s up against manager approval. How often do managers approve? It’s probably close to 100% of the time across our industry. If we’re doing better than that, we’ve already made a meaningful impact in the overall security of the company.”
He also has a reply for auditors concerned about tracing access approvals made by an external AI bot. “Every step of the process is visible in the ConductorOne audit log—we haven’t had a single question about the audit path that we haven’t been able to answer easily.”
Making Gadjit open source and sharing what they’ve built with the larger security community is a huge priority for Matt and Dom. “When you find something that’s a little different and seems to be working well, it’s important to share that story,” Matt says. “When we gave the BSides talk, the number of people coming up afterward to say they also struggle with this was high. It was validating to hear we’re solving a real problem.”
Pushing identity security forward together
The time and cost savings of moving to zero standing privileges can’t be overstated. “It wasn’t the helpdesk approving sensitive access requests or doing quarterly reviews before—it was highly paid staff engineers,” Matt points out. “This has been a paradigm shift in efficiency at Instacart. Now getting access is easier and more secure, and managers aren’t spending a bunch of time reviewing access on a daily or quarterly basis.”
However, it’s the value they’ve created for Instacart’s users, as well as the contributions they’re making to the future of cybersecurity, that Matt and Dom are most excited about. “We’ve appreciably improved our security posture without spending a bunch of time and money, which is a huge benefit for our customers,” says Matt. “At the end of the day, it’s about making sure that we’re doing right by them.”
“We work for a platform that serves millions of people, so failure isn’t an option,” adds Dom, emphasizing how critical ConductorOne has been to the success of the initiative. “We’ve been able to code on the frontier because we have pathways to test, we have an extensible platform, and we’re able to be flexible.”
“ConductorOne is extremely customizable, very powerful, and doesn’t make assumptions about how your organization works,” Matt agrees. “I’ve had experience with legacy vendors in this space and it’s a night and day difference—in the way you can use the product, in the onboarding time, in the time to value, and how you’re treated as a customer. There’s something so powerful about having a partner who really understands the space and listens.”
ConductorOne’s rapid product-release pace and willingness to add capabilities that have helped Instacart reach its goals have impressed the Instacart team. “When we ask ConductorOne for a feature, it’s built before we even have time to implement it. That’s a win in my book,” smiles Dom. “It’s about being very engineering- and delivery-focused,” Matt adds. “The legacy platforms—what value are they shipping week over week?”
Matt, Dom, and the rest of Instacart’s infrastructure security team are eager to continue innovating security solutions with ConductorOne by their side. “We’ll encounter challenges along the way,” Matt says. “But you can’t let the way things have been done stop you from envisioning how they could be better.”
About
Instacart is the leading grocery technology company in North America, helping millions of people get groceries they need from their favorite stores. The company works with over 1,500 retailers to facilitate online shopping, delivery, and pickup services from 85,000+ stores across the US and Canada. For more information, visit www.instacart.com.
Industries
- Grocery technology
Company Size
1,000 - 5,000 employees
Headquarters
San Francisco, California