Driving smarter, more flexible identity security: What’s new in SailPoint Identity Security Cloud

At SailPoint, we’re constantly thinking about how to innovate and enhance SailPoint Identity Security Cloud with new features to deliver what will provide the most value to our customers. At Navigate 2025, we’re excited to announce a series of powerful enhancements to SailPoint Identity Security Cloud that directly address some of the most common challenges our customers face today.

These new features are designed to give admins more control, reduce complexity, and expand the ways enterprises can streamline identity operations at scale.

Let’s take a closer look at what’s new.

Custom User Levels: Control without compromise

You spoke, we listened. Custom User Levels provide for more flexible choices to meet the operational and security needs of our customers. Before this enhancement, admins had to choose between roles that didn’t quite give users the access they needed—or roles that gave them more power than was appropriate. Neither option supported the true principle of least privilege.

With Custom User Levels, that compromise ends. Admins can now define their own named user levels and configure exactly what rights those levels grant. This provides greater precision, security, and flexibility, ensuring users get the right level of access for their responsibilities—no more, no less.

The result: simplified governance, reduced risk of over-privileged access, and improved user experience for both admins and end users.

Support for Account Deletion: Close the lifecycle gap

Account lifecycle management is at the heart of identity security. Support for account deletion enables customers to delete accounts at the appropriate point in the identity lifecycle, such as when a person leaves the organization.

Admins can now configure account deletion directly within policies, ensuring that when an identity leaves the organization, their accounts are fully removed across connected systems.

Support for account deletion reduces the operational overhead of managing exceptions. This delivers a cleaner, more auditable approach to lifecycle management.

Time-bound access: Limit exposure, reduce standing privilege

Privileged access now extends well beyond traditional IT infrastructure, creating constant exposure and audit gaps due to persistent, always-on access. Time-bound access in Identity Security Cloud enables organizations to grant elevated permissions only when needed and for a defined duration—minimizing risk and supporting compliance. With this enhancement, customers can adopt a time-limited access model for access to privileged resources and take a major step toward achieving a zero standing privilege environment.

Account and entitlement rename & move: Smarter correlation in Active Directory

Changes within Active Directory (AD) are a fact of life, especially when groups are reorganized or moved. Historically, when an AD group’s Distinguished Name (DN) changed, Identity Security Cloud treated it as an entirely new entitlement—causing existing entitlements to be deleted, new ones created, and breaking any references in access profiles or roles.

With account and entitlement rename & move support, the solution can now intelligently correlate these changes. That means entitlements retain their continuity even when AD groups are renamed or moved, preserving references and avoiding disruption.

This enhancement ensures stability in entitlement management and saves admins from time-consuming manual fixes.

Access profile metadata: Dynamic flexibility

Access profiles are powerful, but managing metadata attributes can be a bit cumbersome. This feature enhances the Identity Security Cloud access model metadata service by adding the ability to enrich access profiles with business context in the form of pre-defined and custom metadata. With this enhancement, the Identity Security Cloud access model metadata service now supports all Identity Security Cloud access model items which include roles, entitlements, and access profiles.

PowerShell script execution: Meeting admins where they are

Privileged Task Automation (PTA) is one of the most effective ways to automate complex IT and privileged tasks and reduce the privileged access footprint in your organization. With a significant population of admins already proficient in PowerShell, it makes sense to extend PTA’s capabilities into this familiar and widely used framework.

The new PTA PowerShell script execution feature enables admins to delegate and automate privileged tasks securely through PowerShell scripts. This delivers immediate value to customers by enabling teams to leverage existing scripts in a consistent, secure and efficient way, while reducing standing privileges.

Parameter storage: Enhancing PTA adoption

We're excited to announce that we've removed a significant barrier to PTA adoption for our Identity Security Cloud customers! Previously, using a third-party vault for credential storage added complexity and slowed down deployments. But now, with the introduction of parameter storage, Identity Security Cloud includes a centralized, secure system for storing parameters used in privileged tasks. This means simplified PTA adoption, no more dependency on external credential providers, and a much smoother, streamlined experience for you, our valued customers.

What this means for customers

These new features share a common goal: making identity security more flexible, automated, and aligned with how modern enterprises operate. Whether it’s giving admins the ability to tailor user levels, enabling full account deletion for stronger compliance, or enabling time-bound access, we’re focused on removing roadblocks and delivering real-world impact.

Identity security is never static. It evolves as organizations grow, threats advance, and technology landscapes shift. By continually enhancing SailPoint Identity Security Cloud with innovations like these, we ensure our customers can stay ahead—protecting more, managing less, and unlocking the true business value of identity security.

To learn more about how these enhancements can help you simplify identity operations and strengthen your security posture, visit the SailPoint Compass Community to read the release notes.