SailPoint Acquires Entro to Continuously Detect and Monitor Non-Human Identities
SailPoint this week announced its intent to acquire Entro, a provider of a detection and response engine that continuously monitors AI agents and non-human identities (NHIs) for behavioral anomalies.
Upon completion of the deal in the fall, the Entro platform will be integrated with the SailPoint Agentic Fabric, a platform to discover, govern and protect autonomous AI agents and non-human identities that was launched last month.
Entro provides visibility into the specific tools, application programming interfaces (APIs) and credentials that AI agents and machine identities use to execute tasks. The Entro platform expands SailPoint’s reach to more than 1,000 types of NHIs and agents that could be using any of more than 1,200 types of credentials spanning 70 sources of enterprise data. It also enriches discovered data with metadata that maps exact relationships, permissions and usage to make it simpler to determine the blast radius of any potential incident.
SailPoint CEO Mark McClain said the acquisition of Entro complements the acquisition of Savvy Security, a provider of a platform for governing, securing and monitoring shadow IT and software-as-a-service (SaaS) applications, made last year.
In fact, the addition of the Entro platform is part of a broader effort to extend the reach of the company’s compliance management platform beyond the scope of human identities, he added. The overall goal is to enable cybersecurity teams to continuously monitor and enforce policies in real time that limit what data AI agents and other types of NHIs are allowed to access, noted McClain.
That’s crucial because AI agents, unlike humans, are accessing data at machine speed in ways that are difficult to anticipate, he added. Agents are essentially programmed to accomplish a task any way possible and, as such, will find ways to end-run policies to access data by, for example, giving itself access to another application or platform through which it can access data that it may not have been previously given permission to access directly, said McClain.
In general, AI agents are starting to expose the extent to which organizations have poorly implemented controls, he added. A day of reckoning is, in effect, now at hand as AI agents begin to circumvent policies by, for example, discovering weaknesses in configurations that enable them to complete a task by any means necessary, noted McClain.
Of course, auditors will soon have access to the same agentic AI technologies that organizations have. As such, cybersecurity and compliance teams should expect that AI agents will be used to discover issues that could lead to fines being levied, said McClain. In fact, rather than being an episodic event, it is now in the AI era, only a matter of time before audits are continuously run by AI agents capable of generating documentation as needed, he added.
Each organization will need to determine how best to secure AI agents going forward as they see fit. The one certain thing, however, is that AI agents will leave a trail that another AI agent is likely going to find easy to follow.
