SailPoint unveils adaptive platform to secure AI & cloud identities
SailPoint has introduced its SailPoint Platform, aiming to provide unified identity, data, and security management with intelligence at its centre.
As organisations across Singapore and the wider Asia Pacific region increase their adoption of AI and cloud technologies, SailPoint's latest suite of capabilities addresses the emerging security challenges associated with the proliferation of identities, both human and non-human. The launch includes Agent Identity Security (AIS), Observability & Insights, enhanced Data Access Security, and significant updates to the Atlas enterprise governance platform.
Platform approach
SailPoint's announcement addresses the changing landscape of enterprise security, where traditional network and organisational boundaries are increasingly irrelevant. Enterprises are grappling with an expanding attack surface created by the growing number of digital identities, including those associated with AI agents and machine processes.
"This new reality requires an adaptive identity model-a modern approach that unifies identity, data, and security to deliver continuous, contextual protection. Unlike static, siloed tools built for yesterday's environment, the SailPoint Platform sets a new standard, delivering identity security that is unified, intelligent, and adaptive by design. Our approach meets a world where perimeters have disappeared, data is scattered, and threats are intelligent, evolving and unrelenting," said Chandra Gnanasambandam, EVP of Product and CTO, SailPoint.
Atlas Enterprise enhancements
At the foundation of the SailPoint Platform is Atlas, now featuring new developments under the Atlas Enterprise offering. These include Dynamic Security Orchestration and a Shared Signals Framework, allowing businesses to customise their governance programmes, integrate real-time threat data, and respond instantly based on risk assessments. The Adaptive Approvals feature in Atlas Workflows creates intelligent, customisable approval paths that can adjust in real time according to perceived risks and business priorities.
SailPoint's new Model Context Protocol (MCP) Server enables identity security for AI-native environments, offering AI applications robust, enterprise-grade identity services. This is intended to ensure that organisations can leverage AI technologies without compromising trust, compliance, or governance.
Commenting on Adaptive Approvals, Savannah Grunden, Sr. Information Security Engineer at VSP Vision, said:
"The Adaptive Approvals capability we use through SailPoint's Identity Security Cloud is refreshingly intuitive and user friendly. SailPoint clearly thought through the use cases, striking the right balance between intelligent automation and practicality."
Securing AI agents
The general availability of Agent Identity Security (AIS) addresses the unique security challenges posed by AI agents. These non-human identities, capable of making millions of autonomous decisions per minute and generating additional agents, require formal governance structures for accountability and oversight.
Agent Identity Security provides the means for organisations to discover, certify, and govern AI agents. By establishing owner and user accountability, enforcing permissions, and connecting agent activities to the identity context of individuals and data, SailPoint offers visibility and control down to specific files, rows, or columns. This enables compliance and trust in environments powered by autonomous AI.
Observability and data governance
The Observability & Insights (O&I) feature presents organisations with interactive visualisations of the relationships between human and machine identities and their access paths. This capability is designed to help businesses implement least-privilege policies, remediate excessive or inconsistent permissions, and lower risk by providing the necessary context for informed decision-making. Integration with external systems further extends these capabilities by allowing identity and security teams to act directly on discovered risks, improving overall security posture.
Data Access Security (DAS) adds further granularity by detailing who can access which data, how that access is used, and whether these patterns conform to policy. Its Data Certification feature works for both user and agent identities. The new integration with Snowflake broadens data governance, giving centralised visibility into all types of access across human, machine, and AI agents. This is promoted as a method to mitigate risks associated with data leakage via large language models (LLMs) and unauthorised applications, helping enterprises establish strong governance for workplace AI adoption.
Future developments
SailPoint also outlined future capabilities currently in its development roadmap. Privilege Security Posture Management is intended to help organisations achieve least-privilege access through automated discovery and classification at the entitlement level. The roadmap includes multiple Just-in-Time access models, conditional access for privilege assignment, and a check-in/check-out mechanism to reduce the risk associated with standing privileges.
The Real-time Authorization feature is being designed to assess each access request dynamically, drawing on contextual signals and integrating with Security Operations Centre (SOC) tools to adjust privileges as conditions change. Real-time Threat Defence and Remediation aims to detect and address identity-related threats with identity-driven context, enhancing overall risk response.
The combination of these current and planned features is intended to break down silos between identity and security domains, supporting a proactive defence model across organisational teams.