Blog
The future of security is adaptive identity
Authors (1)
Chandra Gnanasambandam
Executive Vice President of Product and Chief Technology Officer
SailPoint
The world enterprises operate in today is not static—it is profoundly dynamic. Workforces are in constant flux, applications multiply into the thousands, and digital workers now outnumber human workers many times over. In this environment, the long-standing disconnect between identity and security can no longer be tolerated.
At SailPoint, we believe the only way forward is through a new way of thinking about security—what we call an adaptive identity model.
Why we need adaptive identity
Adaptive identity is about securing enterprises efficiently and effectively in a dynamic world. At its core is integrative identity context: the ability to bring together identity, data, and security signals to provide clarity, control, and scale across every enterprise identity.
This isn’t just about replacing old controls. It’s about establishing a new approach to enterprise security, one where identity and data form the foundation for every decision. This requires a fundamentally different type of platform. That is what we are building.
At Navigate 2025, we announced the SailPoint Platform built on Atlas. This platform is grounded in our conviction that the only way to secure the enterprise in a dynamic world is to unify identity, data, and security context. SailPoint will remain focused on identity while partnering across the data and security ecosystems to bring disparate context together—what we call integrative identity context.
The SailPoint Platform is designed with four defining characteristics:
- Identity-first, data-first: Security actions are informed by both identity and data context.
- Dynamic access models: Support for multiple just-in-time approaches, including real-time—because static privileges are no longer sufficient.
- Security in-line: Breaches and threats can be addressed inside the SOC with real-time response and remediation.
- Intelligence embedded: AI and machine learning woven into the very fabric of the platform.
These characteristics come to life through the SailPoint Platform’s five-layer architecture. At its foundation is Atlas, SailPoint’s unified data model and graph enriched with common AI services. Above that is the control plane for all identities, centralizing governance across humans and agents alike. The real-time layer enables dynamic entitlement risk scoring, just-in-time access, and continuous authorization. Building on that, identity-centric security delivers advanced investigative tools and deep identity controls to contain threats and respond in real time. The top layer, customer experience, brings it all together—today through SailPoint and partner services, and over time through an agentic user experience powered by natural language and open protocols like SSF, CAEP, RISC, and SCIM.
Innovations powering the future
Kicking off at Navigate 2025, we will bring adaptive identity to life through five innovations designed to address the most pressing challenges enterprises face today:
1. Govern and secure AI agents
With the rapid rise of digital workers, certification can no longer be optional. It is my prediction that regulators and auditors will inevitably demand it. SailPoint Agent Identity Security allows enterprises to certify agents just as they certify humans, linking human to agent to data—a task that is uniquely difficult, and one SailPoint is already solving.
But certification is only the first step. Truly securing AI agents requires ensuring that their context is tightly bound to both the user context and the underlying data. Without this linkage, organizations run the risk of over-permissioning. By governing agents through this unified context, enterprises can both reduce risk and maintain operational agility.
2. Unified security intelligence: Bring identity and security together
We deliver both proactive visibility into the most critical privileges and reactive agility to respond in real time. This ensures organizations can take actions to both prevent threats and address them with nuance—removing access to only the most critical systems rather than shutting down entire user accounts.
3. Data access governance in the service of identity security
By binding identity and data context, enterprises can ensure that actions—human or digital—are governed by the same permissions and policies. This is essential in a world where agents act on behalf of humans. With this foundation, SailPoint will enable fine-grained authorization for agents—down to the file, row, and column level. This level of precision helps ensure that agents act only within defined bounds of user context and data sensitivity, preventing unnecessary or excessive access in an agent-driven enterprise.
4. Reimagining privilege and authorization
With the upcoming Privilege Security Posture Management, enterprises will be able to risk-model entitlements at scale—classifying them with machine learning into levels of risk. This foundation is designed to enable dynamic access models where critical permissions are handled in real time, medium-risk ones with time-based access, and lower-risk ones statically. In addition, SailPoint plans to support multiple just-in-time (JIT) models—including time-based, check-in/check-out, policy-driven, and real-time—giving enterprises the flexibility to align access with both security needs and business operations.
5 . Business Velocity
An enterprise is only as strong as its weakest link. With an average of 3,000-5,000 applications in use, leaving just one ungoverned exposes the organization. SailPoint is striving to onboard 100% of applications, delivering visibility and intelligence at every tier—from compliance to automated provisioning.
A proven track record
While we are evolving into real-time, in-line security, we do so with a proven foundation. Our breadth and depth demonstrate not only our readiness but also our unmatched capacity to deliver adaptive identity at enterprise scale.
And this is not technology for its own sake—it is about real business impact and measurable security solutions. From democratizing just-in-time access across all workers to reducing the threat response from days to seconds, SailPoint is building what enterprises need for both governance and security in the adaptive era.
Looking ahead into the adaptive identity era
Static security practices cannot keep pace with a dynamic world. The industry must adopt a more adaptive approach — one that evolves as quickly as business itself.
SailPoint is not simply releasing new products. We are reimagining how enterprises secure themselves. Our vision is bold, our platform is proven, and our commitment is clear: to equip every enterprise to thrive in the adaptive era.
Because the future of security is not static. The future is adaptive. And SailPoint is ready to lead.
See what SailPoint launched at Navigate 2025:
