SailPoint Redefines Security with New Adaptive AI Platform

AUSTIN, TX – March 09, 2026 – SailPoint, a recognized leader in identity security, today announced a significant overhaul of its core platform, introducing a new AI-powered framework it calls “adaptive identity.” The move is a direct response to the escalating complexity of enterprise IT, where traditional security models are failing to keep pace with the proliferation of cloud services, sophisticated threats, and an explosion of non-human identities.

For years, identity governance has relied on periodic, manual reviews of user access—a process that is increasingly seen as too slow and reactive for the modern threat landscape. SailPoint’s new vision aims to replace this static model with a system of continuous, automated governance that can detect and remediate risk in real time across all identity types.

“The old way of identity governance is simply no longer effective,” said Chandra Gnanasambandam, SailPoint’s EVP of Product and Chief Technology Officer, in a statement. “It’s not enough to rely on static, after-the-fact reviews in today's dynamic threat landscape.” The company, which has seen its market share in identity governance grow to over 20% in recent years, is betting that this shift is necessary for survival in an AI-driven world.

Beyond Humans: Securing the AI and Machine Workforce

A critical focus of SailPoint's announcement is the extension of identity security to non-human entities. In today's enterprises, machine and AI-based identities—such as API keys, service accounts, and automated agents—are rapidly multiplying. Industry analysts project that these non-human identities could outnumber human ones by a ratio of 100 to 1 by 2025, creating a vast and often unmonitored attack surface.

These identities are essential for modern cloud operations and development pipelines, but they are frequently managed with long-lived credentials and insufficient oversight, making them prime targets for attackers seeking to move laterally and escalate privileges within a network. SailPoint is addressing this vulnerability head-on with several key innovations.

The company has introduced new connectors designed to discover and govern AI agents from a host of major platforms, including Microsoft 365 Co-Pilot, Databricks, Amazon Bedrock, and Google Vertex AI. This capability aims to bring the same level of governance applied to human employees to the AI agents that are increasingly performing critical business functions. Additionally, SailPoint announced enhancements to its Machine Identity Security offering, providing full lifecycle management for traditional machine accounts, from creation to retirement.

This focus on non-human identities aligns with emerging security best practices and frameworks like the NIST AI Risk Management Framework (AI RMF), which call for greater accountability and governance over AI systems. By integrating machine identities into a unified governance model, SailPoint aims to eliminate a critical security blind spot that many organizations are only beginning to recognize.

The Shift to Real-Time, Adaptive Governance

The core of the announcement is the “adaptive identity” framework itself, built on four key pillars: real-time governance, protection for AI and machines, universal dynamic privilege, and integrated threat management. This framework represents a fundamental departure from the compliance-centric, check-box mentality that has long characterized identity management.

Instead of periodic access certifications, the platform moves toward continuous, automated governance. A central component is a new suite of privilege management tools that automatically discover, classify, and provide insights into privileged access across the entire enterprise. The stated goal is to help customers achieve a state of least privilege or even zero standing privilege, where access is granted on a Just-in-Time (JIT) basis only when needed and for the minimum time required.

To make this sophisticated process more accessible, SailPoint is introducing a new agent for its Harbor Pilot suite. This AI-powered agent transforms the historically cumbersome process of requesting access into a simple, guided conversation, lowering the barrier to entry for users and reducing the burden on IT teams. Behind the scenes, advancements to SailPoint Observability & Insights and Data Access Security leverage the company's Identity Graph to visualize complex data access pathways, providing deeper context for both identity and data risks.

“Leveraging SailPoint’s AI capabilities, TMF Group has elevated identity governance into a fully automated, intelligence‑driven capability ensuring consistent compliance across 87 jurisdictions while supporting secure global growth,” noted Saurabh Gugnani, Senior Director at TMF Group, highlighting the real-world application of these AI-driven governance principles.

Aligning with Zero Trust and Modern Security Imperatives

SailPoint's strategic pivot is not happening in a vacuum. It directly aligns with broader cybersecurity trends, most notably the widespread adoption of Zero Trust architecture. The core tenet of Zero Trust—never trust, always verify—is impossible to implement without a robust, dynamic identity security foundation. By providing continuous validation and context-aware access controls, the adaptive identity framework serves as a critical enabler for organizations building out their Zero Trust strategies.

The platform's emphasis on integrated threat management also aims to bridge the long-standing gap between identity management teams and the Security Operations Center (SOC). By correlating identity context with threat signals, organizations can more quickly detect and respond to identity-based attacks, which have become the primary vector for major security breaches.

This push for innovation comes as SailPoint, despite its market leadership and strong revenue growth, has faced criticism from some quarters for the perceived complexity and legacy architecture of its platform. The new features, particularly the AI-driven conversational agents and automated insights, appear designed to counter these perceptions by simplifying user experience and automating complex governance tasks.

Looking ahead, SailPoint has also signaled a commitment to modernizing its foundational capabilities. A next-generation Access Certification engine and a comprehensive revamp of its Separation of Duties (SoD) module are slated for release in the second half of 2026. These updates demonstrate a clear intention to rebuild core governance functions for the performance, scale, and intelligence demanded by today's AI-driven enterprises.