Adding a world-class striker to the SailPoint portfolio: How Entro is raising our game
The challenge we face today is stark: as cloud and AI scale, machine identities, AI agents, and secrets are sprawling completely out of control.
In today’s announcement, we shared the exciting news that SailPoint has acquired Entro to address this exact challenge. To frame this addition through the current World Cup lens: SailPoint has always focused on fielding a championship-caliber team, and by officially acquiring Entro, we have just signed a world-class striker right before the group stage begins.
Entro’s ability to secure actual tokens, keys, and certificates deep within the software development lifecycle (SDLC) complements our broader SailPoint Agentic Fabric mission. These capabilities represent a powerful, multi-pronged approach to securing the modern, agentic enterprise.
Here is a closer look at the powerful capabilities Entro brings to the SailPoint portfolio lineup to strengthen non-human identity (NHI) security.
The visibility imperative: Finding the invisible
To defend an environment, you must first have absolute clarity. True governance requires a complete view of the pitch. Entro scans entire ecosystems with a primary focus on discovering non-human identities, including credential discovery across vaults, code, and chat applications—revealing NHIs that were previously completely invisible.
This is a significant leap forward for governance and audit. Entro discovers over 1,200 types of NHIs—including keys, tokens, and certificates—across 70+ critical cloud and developer infrastructure sources. It finds them wherever they hide: embedded in pipelines, code, vaults, container registries, configuration files, and collaborative tools.
Furthermore, Entro employs a multi-faceted approach to AI agent detection to uncover both sanctioned and shadow AI agents through:
- Client workstation scanning: utilizing endpoint management tools (like CrowdStrike and MS-Defender) to identify installed AI agent binaries, packages, and configuration files.
- SaaS provider APIs and audit logs: monitoring usage and activity from platforms like Microsoft 365, OpenAI, Salesforce, GitHub, and AWS.
- Code and collaboration scanning: analyzing source code repositories and collaboration platforms for AI agent configuration files and hard-coded secrets.
Enhancing human ownership and context
A machine identity is only as secure as the governance surrounding it. Entro bridges the gap by categorizing critical human and non-human identities and linking these NHIs back to their human owners for proper governance.
By mapping exact relationships and lineage, Entro ties complex machine and AI identities back to a human owner, enabling unified compliance. This complete visibility means you can easily run access reviews with full context on every identity. Every NHI and agent is enriched with critical human context, ensuring that security teams know exactly who is responsible for what.
Lifecycle management and access controls
Entro brings powerful technical lifecycle management to the table, supporting the rotation, termination, and offboarding of AI agents and credentials to meaningfully reduce the attack surface.
Crucially, Entro helps organizations secure NHIs against emerging threats like LLM jacking by ensuring NHIs only possess the necessary permissions. It achieves this through:
- Intent and policy-based access controls: allowing teams to define and enforce access based on the declared intent and policies of AI agents.
- Action-level policy enforcement: the groundbreaking ability to "ship policy that can actually stop an agent—before, during, and after it acts on your systems." This includes intercepting unauthorized tool calls and preventing token behavioral drift.
Proactive defense and real-time remediation
Security cannot just be periodic; it must be active. Entro moves beyond periodic reviews to real-time threat detection, helping to prevent breaches from compromised NHIs with advanced behavior analytics and baselines.
- Agent behavior analysis: by establishing NHI behavior baselines, Entro creates a foundation of normal action and task completion. Anomalies are detected through continuous monitoring, which can trigger automatic revocation or remediation.
- Active runtime defense: Entro continuously monitors AI agents and NHIs for real-time behavioral anomalies, intercepting unauthorized machine or agent prompts on the fly.
- Real-time threat mitigation: the system easily identifies and remediates misconfigurations, excessive privileges, and stale machine access. In the event of leaked secrets, Entro provides exact coordinates (e.g., secret value, line number) directly to DevSecOps teams, enabling immediate, surgical remediation.
The championship roadmap ahead
The addition of Entro to the SailPoint family represents a pivotal moment in identity security, supercharging our vision. Our portfolio is built to handle the substantial paradigm shift of the agentic era, designed to govern autonomous AI agents, discover shadow AI across the enterprise, and enforce secure access.
The world of autonomous AI and non-human identities isn't a future-state problem—it's a battlefield today. With Entro's deep capabilities, we aren't just reacting to the agentic era; we are actively securing it. Together, we solve the biggest headache of modern security: governing the sprawling world of autonomous AI and NHIs and securing the highly vulnerable credentials they rely on to operate.
Best of all, you do not have to wait for the next season to see this championship-level performance in action. SailPoint Entro is available to everyone today. To learn more, visit the SailPoint Entro page or request a free trial of our Discovery Tool to start your journey today.
With today’s milestone, SailPoint is once again defining the future of security—protecting human, machine, and AI access at scale—on a unified platform.
DISCLAIMER: The information contained in this document is for informational purposes only, and nothing conveyed in this document is intended to constitute any form of legal advice. The development, release, and timing of any features or functionality described for SailPoint’s products that are not currently available remain at SailPoint’s sole discretion on a when, and if, available basis and may not be delivered at all and should not be relied on in making a purchasing decision.