SailPoint unveils cloud enhancements for identity security

SailPoint has announced new enhancements to its Identity Security Cloud suite to address the increasing complexity of identity governance in modern enterprises.

The updated capabilities are aimed at giving organisations greater control, visibility and scalability in managing the full range of identities across people, machines, and non-employee partnerships, particularly as artificial intelligence and cloud adoption continue to grow rapidly in Singapore and the wider region.

Expanded coverage

The programme of updates covers three primary areas: Non-Employee Risk Management, Machine Identity Security, and a set of new integration features intended to broaden connectivity with partner platforms and business-critical applications.

Chandra Gnanasambandam, Executive Vice President of Product and Chief Technology Officer at SailPoint, outlined the driving factors behind the developments:

"As digital ecosystems expand, enterprises must govern not only humans but also the rise of machine and agent identities-identities that often outpace the capabilities of legacy tools. These identities often remain undiscovered or under-governed, creating unmanaged privileges and security gaps. SailPoint is addressing these challenges with differentiated features across our portfolio, all designed to deliver automation, context and precision at scale."

The Identity Security Cloud aims to provide comprehensive lifecycle controls and automation for every type of identity. Key to its approach is a unified platform designed to stay agile in the face of expanding digital footprints, automating access procedures and helping ensure that all entities are granted the minimum privileges necessary.

"We aren't incrementally checking boxes," Gnanasambandam added. "We are building momentum across our unified platform that gives enterprises a strategic advantage: the ability to move faster while staying secure."

Non-Employee risk management

The latest upgrade to Non-Employee Risk Management features direct integration with Microsoft Entra Verified ID, allowing faster and higher-assurance onboarding of third-party workers through verifiable credentials and biometric checks. This allows bulk approvals, attribute synchronisation, and direct provisioning of roles for external personnel, seeking to reduce manual intervention and delays while closing potential security gaps.

Luca Barezzani, ICT Security Senior Specialist at Illimity Bank, which uses these functions, shared:

"SailPoint Non-Employee Risk Management functions have enabled us to automate the Joiner-Mover-Leaver cycle of consultants. They can now be managed directly by internal contacts, without going through any IT department, tickets or approvals. At the same time, Non-Employee Risk Management secures and streamlines the collection of personal data needed for the most critical applications and making the employee himself autonomous in this step."

Machine identities

Addressing the rapid increase in non-human accounts, SailPoint's Machine Identity Security has been built for large-scale deployment. It offers new features such as multi-host classification, letting customers apply machine account rules across hundreds of sources, alongside sub-types that distinguish between service accounts, bots, and shared accounts. These are intended to provide a clearer view of machine identity ownership and risk across complex IT environments.

Other updates include the ability for organisations to certify machine identities by linking them to human owners, assign multiple responsible parties per account, introduce succession planning for ownership changes, and access a central dashboard to monitor access entitlements and mitigate excessive permissions.

Enhanced connectivity

SailPoint has also expanded its integration portfolio. New additions include SAP GRC Firefighter access, extended support for Virtual Appliance functionality to enable services like Data Access Security and Privilege Task Automation, as well as integrations with BeyondTrust, MacOS password reset, and JDBC for low-code provisioning. These capabilities are designed to further facilitate secure connections between identity governance and enterprise applications.

These integration advances are built on SailPoint's recent acquisition of certain assets from Savvy, which the company says will contribute to unifying and simplifying enterprise connectivity for identity management.

Industry context

The enhancements arrive as organisations in Singapore and the surrounding region continue to prioritise robust digital identity controls. With the proliferation of digital services and expansion of remote and third-party relationships, identity has become a core security control point.

Matt Mills, President of SailPoint, commented:

"Identities multiply faster than ever before, and enterprises need visibility, control and agility to protect what matters most while moving at the pace of business. We're reimagining identity security for the realities of the modern enterprise by unifying governance across every identity type to close the gaps that siloed, legacy approaches leave behind. In a world where identity drives both digital transformation and risk, SailPoint delivers the confidence enterprises need to thrive."