SailPoint’s AI Identity Security Gets Adaptive Framework
▼ Summary
– SailPoint announced new AI-powered features for its platform, advancing its adaptive identity vision to address modern security challenges.
– New capabilities provide total visibility into privilege risk by automatically discovering, classifying, and securing privileged access across an enterprise.
– The platform now includes governance for non-human identities, such as AI agents from major platforms, and enhanced lifecycle management for machine accounts.
– It introduces a new AI agent that transforms complex access request processes into simple, guided conversations for users.
– The company’s adaptive identity framework shifts from periodic reviews to real-time, continuous governance for all identity types, including AI and machines.
SailPoint has unveiled major upgrades to its AI-driven SailPoint Platform, marking a pivotal step in its adaptive identity vision designed to tackle the most pressing security issues in complex IT landscapes. This initiative introduces a suite of new capabilities focused on providing continuous, intelligent governance across all identity types, moving beyond outdated manual processes to meet the demands of modern, AI-driven enterprises.
A core enhancement is the introduction of total visibility into privilege risk. New foundational tools for privilege discovery, classification, and insights work automatically to identify and secure privileged access across an entire organization. This is crucial for minimizing standing privileges and moving toward a model of least privilege access.
Recognizing the expanding attack surface, SailPoint now offers extended security for non-human identities. New connectors within its Agent Identity Security module can discover and govern AI agents from leading platforms, including Microsoft 365 Co-Pilot, Databricks, Amazon Bedrock, and Google Vertex AI. Furthermore, enhancements to Machine Identity Security provide full lifecycle management for traditional machine accounts, ensuring these critical assets are properly governed.
To simplify user experience, a new agent for SailPoint Harbor Pilot transforms historically complex access request processes into simple, guided conversations. This AI-powered agent allows users to manage their access needs through intuitive dialogue, streamlining a key aspect of identity management.
The platform’s analytical power is also strengthened. Advanced features in SailPoint Observability & Insights now deliver direct privilege visibility and risk detection within the SailPoint Identity Graph, alongside identity comparisons and operational intelligence. Additionally, Data Access Security is being integrated with the Identity Graph to visualize data access pathways, providing richer context and new capabilities for mapping and managing sensitive data exposure.
Looking ahead, SailPoint is modernizing its governance core with a next-generation Access Certification engine and a comprehensive revamp of Separation of Duties (SoD) controls. These updates, slated for the second half of 2026, are built for performance, scale, and contemporary user experiences.
Industry leaders acknowledge that traditional, slow-moving identity governance cannot keep pace with cloud adoption, the proliferation of AI, and sophisticated threats. “The old way of identity governance is simply no longer effective,” stated Chandra Gnanasambandam, SailPoint EVP of Product and Chief Technology Officer. “We are moving toward a new, AI-powered adaptive approach to provide continuous visibility and real-time governance for all identity types… This year, we aim to help our customers move to least privilege or zero standing privilege.”
This adaptive framework is built on four foundational pillars. The first is real-time governance, which shifts security from periodic reviews to continuous, automated systems that detect, prevent, and remediate risk as it emerges. The second pillar focuses on protecting AI and machines, extending security protocols to the fast-growing world of non-human identities like AI agents and service accounts.
The third pillar advocates for universal and dynamic privilege, reducing risk by providing Just-in-Time (JIT) access across all environments so permissions are granted only when specifically needed. Finally, integrated threat management bridges the gap between identity tools and security operations by correlating identity context with threat signals for faster detection and response.
The practical benefits of this approach are already being realized. “Leveraging SailPoint’s AI capabilities, TMF Group has elevated identity governance into a fully automated, intelligence‑driven capability,” said Saurabh Gugnani, Senior Director and Global Head of Cybersecurity Engineering at TMF Group, noting its role in ensuring consistent compliance across 87 jurisdictions while supporting secure global growth.
(Source: HelpNet Security)